I'm gradually understanding your idea on social engineering. There is a recent increase in social engineering tricks used by hackers to attack a company. The internet or social media platforms are open, anybody can access information about a user. Hence hackers use the posts or information an employee publishes online, to determine useful tricks in deceiving the person to release a few personal details that can lead the hackers to the victim's personal computer and then gain access to the company secret database. I've read of the spear phishing attack and LinkedIn is quite a useful tool in getting employees' emails. The hacks distribute mails, which from the employee's social media presence seems important or valuable to the recipient, if a few of them click on the link they can fall for an attack or download a malware inscribed with a keylogger, which helps the attacker to trace every information they input on their keyboard.
Yes, the latest high-profile hack is the Ledger library hack due to a compromised former employee of the company.
Thereby garnering some relevant information needed to access the company's main data. All these rely on the training given to the employees and the main purpose of their social media activity. By doing some research on LinkedIn you'd be able to see a handful of casino staff who use the medium to advertise their casino and at the same time answer difficult questions about the well-being of the casino and the services they render. As for their address, I can't say for sure why anyone would be looking for the casino's address on social media, the registrar or license issuing company can share the address on their website or indicate whether it's offshore or not. Then the person in need of the address can look into the country where the offshore company is located. Talking of financial transparency, I'd say that the casino doesn't need to open up to the entire public about the amount of money they've got in their save or wallet. It can attract hackers to infiltrate the company. People suspect that Stake was hacked a few months ago because they were transparent with how much they spent signing a deal with Drake.
I couldn't agree more. We are all accustomed to the fact that casinos = money, big money. I don’t even mention the amount of the casino’s turnover and deposit, we know that they have money. Therefore, hackers without any information about deals, partnerships and investments should strive to hack casinos. But for the final gambler, information about the casino’s operating turnover can be important.
Only the internal workers would know about the money generated by a casino. Don't think that we gamblers need to be worried about that, as it's mainly not our concern. We are supposed to focus on the services the casino provides. If they don't give out quality services the gamblers can demand to know what's happening behind the scenes. But, for the financing, it's risky, because the hackers already are informed of the amount of money these casinos own, but reminding them could be dangerous to the casino. When hackers start seeing such a huge amount, it'll drag their interest to the casino. As it stands, hackers are trying on different casinos and the vulnerable ones could be hacked successfully. It would be disappointing to notice that after spending so much money to hack a casino site they won't be able to generate enough money to cover for the tools used in hacking. However, I know less about hacking, but sure that some of the requirements to hack a site demand money.
Hence, not all hackers would have the finance to execute a planned hack on a casino they're not aware of the amount of money they could steal from them. Just like in banks, thieves don't visit unless they're aware of the money available. Every casino has its hackers that help to protect them against attack, so the time frame to steal money from a casino may be less before their hackers can gain back power over the website. So, whatever means of stealing money on the internet is not easy and may not be worth the stress if enough information is not available. You can't assume that a particular department has money and move ahead to hack them. That's why they use social engineering to target staff who may be victims of information derivation.