Those who work in IT and Cybersecurity are all too familiar with Social Engineering. These types of attacks have increased in recent years which has caused many businesses to lose data through data breaches.
What is Social Engineering?
Social Engineering is a cybercrime which involves hackers taking advantage of employees to access private information. Social engineers generally pose as a person that the victim would trust, e.g. a colleague, friend or a company that the business works with. This ‘trust’ is then used to trick the victim into clicking a link which will then steal passwords and/or confidential information.
For hackers, it is often easier to take advantage of an individuals trust rather than hack into a system. Although Social Engineering is not a new concept, Social Engineering techniques have certainly become more sophisticated and personalised. This has made them even more difficult to recognise.
Examples of Social Engineering
To help you spot a Social Engineering attempt, we have a selection of examples below. However, Social Engineering may be presented in a variety of ways, it is essential that team members are diligent in ensuring they do not fall victim to there cyber breaches.
The Boss
This Social Engineering attempt looks like an email from your boss requesting your assistance with something urgently. This could be a request for files containing confidential information etc. This can lead to unauthorised individuals having access to sensitive data that can damage your business or cause serious delays in processes.
The Account Suspension
This is a difficult one to dismiss. If you receive an email that your account has been suspended or compromised and you need to verify your information or reset your password, double-check with your IT provided to ensure it is legitimate as these emails can seem authentic. If you are unsure check the site that the email is supposedly from to ensure it is official and if there are any notices or warnings for users. Just be sure not to click the link embedded in the email.
The Dream Offer
If you hear from a LinkedIn recruiter offering you the role of your dreams, with all the benefits and perks you could wish for, be wary! If you receive one of these, ensure that it is official and not an attempt to steal your data. Although there are many recruiters online headhunting people, ensure that the email is official and not an attempt to steal data.