Social Engineering

What is Social Engineering?

Tech TuesdaySocial engineering is the act of tricking somebody into divulging details or doing something about it, normally through technology. The idea behind social engineering is to take benefit of a possible victim’s natural propensities and emotional reactions. To access a computer system network, the typical hacker may look for a software vulnerability. A social engineer, however, could impersonate a technical support individual to fool an employee into disclosing their login credentials.

The kinds of information these lawbreakers are looking for via social engineering can differ. When people are targeted, the crooks are usually attempting to fool you into providing your passwords or bank information, or access your computer to secretly set up harmful software that will provide them access to your passwords and bank information as well as providing control over your computer.

This type of social engineering depends upon a victim taking the bait, not unlike a fish reacting to a worm on a hook. The person dangling the bait wishes to attract the target into acting.social engineering fast facts

The criminal utilizes the phone to trick a victim into turning over valuable information. A criminal might call a worker, presenting as a co-worker. The criminal might dominate upon the victim to supply login credentials or other details that might be utilized to target the company or its employees. Something else to keep in mind about social engineering attacks is that cyber wrongdoers can take one of 2 methods to their crimes.

The criminal might locate the name and e-mail of, say, a human resources person within a specific company. The criminal then sends out that individual an email that appears to come from a high-level company executive. Some current cases included an e-mail ask for staff member W-2 information, that includes names, sending by mail addresses, and Social Security numbers.

What is an example of social engineering?

Social engineering is an phishing attack that relies heavily on human interaction and often involves manipulating people into breaking normal security procedures and best practices in order to gain access to systems, networks or physical locations, or for financial gain.

The attacks used in social engineering can be used to steal employees’ confidential information. The most common type of social engineering happens over the phone. … Gradually the hacker gains the trust of the target and then uses that trust to get access to sensitive information like password or bank account details.

Don’t Fall Victim Yourself! Slow down. Social engineers frequently depend on their targets to move rapidly, without considering the possibility that a fraudster might be behind the e-mail, telephone call, or in person demand on which they’re acting. If you stop to consider the ask and whether it makes sense or seems a bit fishy, you may be more most likely to act in your own benefit not the fraudster’s.

For example, it is much simpler to fool somebody into offering you their password than it is for you to attempt hacking their password (unless the password is really weak). Security is everything about knowing who and what to trust. It is necessary to know when and when not to take an individual at their word and when the individual you are communicating with is who they say they are.

Stay in control by discovering the website yourself utilizing an online search engine to be sure you land where you plan to land. Hovering over links in e-mail will show the actual URL at the bottom, but an excellent fake can still steer you wrong. Hackers, spammers, and social engineers taking over control of people’s e-mail accounts (and other communication accounts) has ended up being widespread.

Additional Resources: 

What is Social Engineering? – Webroot

Deep Fake Audio (Social Engineering) spells trouble for business as the latest grade text to audio and Artificial Intelligence (AI) technology can make it near impossible to detect if you are talking to the familiar voice from the office or a computer trying to get key details. Because this can be automated, many cyber-criminals will result to these methods in the coming years. More reasons for businesses and organizations to tighten up their multi-factor policies for all internal and external processes.  Learn more about this technology

ccnytech logo buttonTech Tuesday is heard each Tuesday on Mix102.5 with Big Poppa and CCNY Tech Engineer Jake Sears. Since 1988, CCNY Tech has been an IT Hardware Sales and Services company. Ten years ago, CCNY Tech has added IT Asset Disposition to it’s offerings.

 

Posted in