Social Engineering and Cyber Security

red icons and words describing social engineering targets

Social Engineering is the art of manipulating people to give up confidential information or break normal security measures. The attacker’s goal is to gain access to your network, systems, accounts, or other devices where private information may be held. Cybercriminals use social engineering tactics because it is easier to exploit your natural inclination to trust than it is to hack into an account. Many security professionals will admit that the weakest link in the security chain is the person who accepts a request or situation at face value. No lock, alarm system, deadbolt, guard dog, or fence can protect your system if the user is not vigilant. Let’s dig into what a social engineering cyber-attack looks like.

Baiting the User

This method offers something that people want in hopes that the user will take the bait. These schemes are most often seen on social media sites or peer to peer sites such as GoFundMe or Craigslist. People who take the bait expose themselves to many exploits against themselves and their digital network of friends and family.

Email from a friend

These criminals love to use email because they can tailor the attack to come from a friend. Remember, it is all about exploiting your trust. They will send you emails from a friend’s account that may contain a link or a download that has malicious software embedded. Since the message is coming from a friend, you are far more likely to fall for it and click the link.

Email from a trustworthy source

These emails are also known as phishing emails, socially engineered to portray a logical reason to hand over sensitive personal data. These emails focus on posing as a legitimate source such as a boss, coworker, trusted business, or charity. With messages asking for your help, for a donation, or for information verification, it is easy to fall for the trick. Make sure to scan for suspicious emails and delete them from your inbox.

Tips for staying vigilant against social engineering.

– Beware of links and downloads unless you know the sender and are expecting a file from them.
– Research the facts. Sometimes emails come from a trusted business that you may use. Use a search engine to find their phone number and their real website.
– Be in control of where a link takes you. Instead of clicking on the link use a search engine to be sure you land where you intend to land.
– Watch out for email hacking. This crime is on the rise! Once a hacker has control of an email account they can prey on that person’s contacts. You may get an email from your boss but if the message is suspicious make sure to ask your boss before acting.
– Slow down and analyze the messages that you receive. Hackers are hoping that you will act before thinking, so be skeptical.

 

If your business needs a strong technology partner. Make sure to give Halski Systems a call at 866.260.4457 or contact us through our website!

Enjoy this blog? Please spread the word: