OUCH!  Jan 2017 Social Engineering

A common misconception about cyber attackers is that they use only highly advanced tools and techniques to hack into people’s computers or accounts. Social engineering is a psychological attack or scam where an attacker tricks you into doing something you should not do. Social engineering attacks are not limited to phone calls or email; they can happen in any form, including text messages on your phone, over social media, or even in person. The key is to know what to look out for--you are your own best defense.

If something seems suspicious or does not feel right, it may be an attack. The most common clues of a social engineering attack include:

  • Someone creating a tremendous sense of urgency. They are attempting to fool you into making a mistake.
  • Someone asking for information they should not have access to or should already know, such as your account numbers.
  • Someone asking for your password. No legitimate organization will ever ask you for that.
  • Someone pressuring you to bypass or ignore security processes or procedures you are expected to follow at work.
  • Something too good to be true. For example, you are notified you won the lottery or an iPad, even though you never even entered the lottery.
  • You receive an odd email from a friend or coworker containing wording that does not sound like it is really them. A cyber attacker may have hacked into their account and is attempting to trick you. To protect yourself, verify such requests by reaching out to your friend using a different communications method, such as in person or over the phone.

If you suspect someone is trying to trick or fool you, do not communicate with the person anymore. If the attack is work related, be sure to report it to your help desk or information security team right away. Remember, common sense is often your best defense.

Original source: https://www.sans.org/security-awareness-training/ouch-newsletter/2017/social-engineering

Revamp Cybersecurity is a managed service provider + All things cybersecurity and IT.
Email: info@revampcybersecurity.com to Get Secure Stay Secure