Social Engineering

Criminals are no longer hacking your firewalls and antivirus, they’re hacking your employees.

Social Engineering is the art of manipulating people to provide confidential information and access that wouldn’t normally be given to a complete stranger.

Often criminals will seek to acquire things like banking info, passwords to ecommerce sites, or access to your computer or server to install malicious software to then hold you or your company ransom.

How is this method so successful?

It has little to do with the security of your network and everything to do with education. Even though you may have the best home defense system with all the most up to date alarm systems, walls to keep out intruders and even a guard dog, you still may let a robber walk right into your house if you think he’s the pizza man or an old friend from high school.

How to prevent becoming a victim;

  • Slow down. Spammers want you to act first and think later. If the message conveys a sense of urgency, or uses high-pressure sales tactics be skeptical; never let their urgency influence your careful review.
  • Delete any request for financial information or passwords. If you get asked to reply to a message with personal information, it’s likely a scam.
  • Always be leery of links and documents. Stay in control by finding the website yourself by looking them up and watch for links with lines like ‘php’ or ‘script’ in them… these are usually bad news. You can study a link by hovering your mouse over them without clicking.
  • Even if the email address is really from someone you know, it could be a threat. Hackers, spammers, and social hackers are taking over control of people’s email accounts (and other communication accounts) frequently. Once they control someone’s email account they prey on the trust of all the person’s contacts.
  • Beware of any download. If you don’t know the sender personally AND expect a file from them, downloading anything is a mistake.

The Bottom Line

Technology is always evolving and criminals are constantly coming out with new smarter ways to exploit their victims. This is why it is so important that your IT company works with your team to ensure they are educated and prepared for their day to day run ins with social engineering.

 

The other reality is that every company may at some point be hacked or taken ransom by ransomware. The best final line of defense is a reliable backup of your company’s information with a fast recovery plan. Contact Startech today for information about our Social Engineering, Penetration tests and other IT assessments and services today!