Cybercrime is a threat worldwide, and with ongoing technological advancements, cybercriminals are constantly finding new ways to compromise companies’ security. Many companies protect themselves by securing their systems with programs designed to combat hackers.
However, this kind of cybercrime is not the only threat to companies. Social Engineering is a term used to encompass a range of malicious activities and can cause just as much harm to your organization.
What is Social Engineering? It is when a cybercriminal uses psychological manipulation to gain one’s trust and trick them into giving away sensitive information, making an organization vulnerable.
Here are five Social Engineering hacks to watch out for and tips to stay vigilant in the workplace.
- Phishing –Previously discussed in this blog, phishing is the most common type of Social Engineering attack. Phishing is aimed at obtaining personal information through email claiming to be someone you know.
- Tailgating – This type of tailgating is when a criminal physically follows an employee or talks their way into a building or area with restricted access. Attackers strike up conversations to work their way past a front desk attendant or even walk in behind someone with key card access as if they belong there too.
- Pretexting –This is a Social Engineering tactic defined by an attacker establishing trust by impersonating someone else and asking questions to confirm one’s identity, and gathering sensitive, personal information.
- Baiting – Similar to phishing, with baiting there is an added element of promising something valuable. For instance, a criminal may promise a gift card or coupon, tricking an employee into providing login credentials.
- Open-source Intelligence Gathering – This is when a cybercriminal gathers information about you from public online sources such as Facebook, Instagram, Twitter, LinkedIn, etc., and then uses it to obtain sensitive information, gain someone’s trust, or even impersonate you.
While these kinds of Social Engineering attacks exist, there are ways to stay vigilant and take precautions. Here are a few:
- Lock essential rooms
- Keep sensitive information stored away and off desktops
- Lock your computer every time you step away
- Be aware of what personal information you have on public sites
- Maintain the latest anti-virus software
- Always erase whiteboards and remove documents from printers
- Do not share financial information via email
- Be suspicious of unsolicited phone calls, emails, and unfamiliar people on site
- Enforce multi-factor authentication for devices
- Educate your employees on these helpful practices
Interested in more ways to prevent Social Engineering and better secure your organization or company? Drop us a line at solutions@thetek.com
