Social engineering is the art of manipulating others to give up confidential information. The types of information that hackers seek can vary, but usually they are trying to fool you into giving them either passwords, bank information, or access your devices like computer, phone or social media to them access your information.
Hackers use social engineering tactics because it is usually easier to exploit. It is easier to fool someone to give you their password than it is for them to hack their way in your devices.
The foundation of cyber security is knowing who and what to trust. It is crucial to know that you are speaking to the person who they say they are. The same is applies to online communications and website usage.
Any security professional will tell you that the weakest link in the security chain will always be people! Because most people will accept a person or scenario at face value. No matter how many fences, traps, locks or deadbolts your place on your property, if the person at the gate is vulnerable than your property and all your belonging are also is completely exposed to whatever risk is out there.
What Do Social Engineering Attacks Look Like?
It can range from something as simple as an email from a friend with a link or an attachment, to a fake phone call from the IRS demanding immediate payment for your taxes.
If a hacker manages to hack or socially engineer your password, they have an entry point to your entire network because most people only use 1 password for their entire digital world.
Once the hacker has that email account under their control, they can send emails to your network of contacts and attack them as well.
The hacker can take advantage of you network by:
Sending emails containing links or download of pictures, music, movie, document, that your contact will click on because the link coming from a known source. Then, the criminal has access to everyone you know, And on, and on.
Some of the attacks messages may contain:
- Urgently asking for help.
- Use phishing attempts with almost legitimate background.
- Ask to donate to a charitable or disaster relief event.
- Present a problem that requires you to “verify” your information such as IRS, Bills, mortgage or others.
- Notify you that you’re a ’winner.’ from a lottery, or inhere money from a dead relative.
- Pose as a friend or your spouse, boss or coworker.
How to protect yourself
- Delete all request for financial info or for passwords.
- Check the reply email account before replying to the request.
- Reject requests for critical help or offers of help.
- Set your spam filters to high.
- Secure your devices by install anti-virus software, firewalls, email filters and make sure you keep them up-to-date.