|
|
|
|
|
|
by nutbear
1430 days ago
|
|
|
Thanks for sharing your story! A decent amount of disclosure programs explicitly call out social engineering as unacceptable conduct and submissions. However, social engineering is a very valid method for attackers and in many cases, offers the path of least resistance. While I understand why companies don’t want good faith security research to call and try to trick the human factor, this is still a very real attack vector that needs attention and to be fixed as in what you’ve described. |
|
|