“Social engineering is the art of manipulating, influencing,
or deceiving you in order to gain control over your computer
system. The hacker might use the phone, email, snail mail or
direct contact to gain illegal access.” KnowBe4
Phishing & other cybercrime isn’t just done through e-mail – in fact, a single cyber criminal may have several simultaneous attempts going at once, on various media and platforms, all targeting you and your company. It can start with a text message, a phone call, or a rogue website or link while you’re browsing the web.
Fake IT Communications
A common social engineering tactic that targets employees is a hacker pretending to be
IT support. “They will call everyone they can find at a company to say they have a quick
fix and “you just need to disable your AV”. Anyone that falls for it gets malware like
ransomware installed on their machine.” KnowBe4
Leaked Info Phishing
There have been numerous leaks of information from big-name websites all across the
globe – and it’s a safe bet your information was leaked at least once this way.
Cyber criminals will use info they already have on you as a lure to trick you into sharing
more.
Security Basics
● Pause before clicking every link – even if it’s from a
source you normally trust.
● Use Multi Factor Authentication on every platform it’s
available on.
● It’s not ‘if’, but ‘when’ – be aware of your internet
behavior so you aren’t a liability.
● Stay up-to-date on evolving phishing & social
engineering techniques.
● Use safe browsers with high user ratings, and limit
your use of third party plugins.
● If you aren’t sure if something you are doing is safe,
ask IT/Network Security.
● Ensure the website you are using is secure, starts with
https:// and doesn’t look “off”.
● Be aware of baiting scams and don’t fall for that dollar
on a string – it could risk your entire network’s safety.
For more information about social engineering in information & data security, check out KnowBe4’s page about it here.
AUGUST 10 2020
Authored here @ hello internet.