What is Social Engineering?

Social Engineering is how cyber fraudsters use human interaction to trick people into breaking security practices. The success of social engineering depends a cyber fraudster’s ability to manipulate victims into performing certain actions or providing confidential information. Today, social engineering is recognized as a significant security threat.

What are the most common types of social engineering attacks?

Phishing: A phishing attack is the practice of sending emails purporting to be from a reputable company or organization in order to induce individuals to reveal personal information, such as passwords, account numbers, etc.

Here are some common email phishing attacks:

• Security Alerts
• Revised Vacation and Sick Time Policy
• UPS Label Delivery
• A Delivery Attempt was made
• All Employees: Update your Healthcare info
• Change of Password Required Immediately
• Urgent Action Required

Baiting: Baiting is like the real-world Trojan Horse that relies on the curiosity or greed of an unsuspecting victim. For example, a cybercriminal can leave a malware-infected physical device, such as a USB flash drive, in a place it is sure to be found. The device is picked up by someone and that person loads it onto his or her computer, unintentionally installing malware.

Scareware: Scareware involves tricking a victim into thinking a computer is infected with malware. The cyber fraudster then offers the victim a solution that will fix the “problem” but victim is simply tricked into downloading and installing the attacker’s malware.

Social engineering attacks are limited only by a attacker’s imagination. If something online strikes you as a little off or too good to be true, question it. If you don’t remember sending a package or signing up for a contest, then don’t click the “track my package” or the “congrats, you’re a winner!” links.

There are many Social Engineering Red Flags to help prevent you from becoming a victim of cyberattacks. Click here for more information.

Visit this webpage for alerts and more information on common scams.

Remember stay alert!