The thing with cyber villains is that they are constantly changing the way in which they attack. In a world where tech is fluid and the way people use it changes depending on so many possible variables in everyday life, it is not surprising.
Also, as business network defences grow stronger and organisations are spending more time looking into their defence infrastructure, shrinking the gaps, cyber criminals are having to become smarter to overcome these obstacles.
What is social engineering?
It’s a term that ultimately describes an attack which takes advantage of human vulnerabilities. This covers a variety of approaches that are devised in order to obtain information or data for malicious use.
Cyber criminals attempt to manipulate on a human level, tapping into the psychology of a person rather than seeing an opportunity in a technical weakness.
This can be anything from enticing people with free USB sticks to deepfake phone calls.
It has been reported (source: purplesec report – 2021 Cyber Security Statistics. The Ultimate List of Stats, Data & Trends) that 98% of hackers rely of social engineering as their technique of choice.
Tips for avoiding social engineering attacks
Sometimes it’s the simplest actions you can take that will help in your defence against cyber security. Read our basic, yet effective tips below to help you avoid being hacked by a cyber-criminal.
Probably something we think we all do but can get missed. Check the email header and cross check it against other valid emails from the same sender. You can double check the hyperlinks without clicking them by just hovering over, to see if they are spoofed hyperlinks. If you are still unsure, go directly to the official website and make contact with a representative.
Something we could all benefit from! Attackers hope to catch their victims in a state of urgency or high pressure, where they may not be thinking straight and therefore miss a trick. If you are online and are feeling stressed for whatever reason, just take a moment before you take any action. Taking your time to respond gives you headspace to actively think of the situation and therefore will avoid a possible mistake.
Secure your devices
Getting into this habit not only with work devices but also personal devices is an essential part of everyday life. By being proactive with this, even the most successful cyber criminals will find it hard to penetrate this level of security.
Here are some basic principles:
- Keep your anti-malware and anti-virus software up to date. This can help prevent malware that comes through phishing emails from installing itself.
- Keep software and firmware regularly updated, particularly security patches.
- Don’t use the same password for different accounts. If a social engineering attack gets the password for your social media account, you don’t want them to be able to unlock all of your other accounts too.
- For critical accounts, use two-factor authentication so that just having your password isn’t enough to access the account.
- If you just gave away your password to an account and think you may have been ‘hacked’, change the password straight away.
For any advice on how you can put in particular products/solutions in place to help with your defence against social engineering, please get in touch today.
firstname.lastname@example.org or call us on 020 7078 0789.