Social Engineering

Social Engineering: Involves posing as a legitimate entity to gain access to personal information, confidential company information, and/or install malware/viruses.

Malware typically is installed by the user. A small percentage attacks exploits in the software, while the majority tricks the user into giving information or installing malicious software.

Phishingis the most common form of social engineering. Examples of Phishing include Court Notices, Ransomware, and using legitimate sites to carry out social engineering. For example, a fake Job listing on a career site that sends you an email with malicious software.

Other examples of Social Engineering

Baiting: Leaving an infected USB drive that an unsuspecting person uses.

PretextingOne party poses as a legitimate entity to scam the other party.

ScarewareSoftware that "claims" your computer is infected and asks you to enter credit card information, or call a support team to remove the threat.

Social Engineering Protection

When using email, chat, phone, or in person, never provide confidential information to unverified sources.

Do not click on embedded links from unknown sources. Do not download any attachments from unknown sources.

Delete all email from unknown senders or sources.

Use a password that is at least 9 characters long. 

Use 2-step verification-this is involves using your login information, and a second authentication method. If the malcious party has your account credentials, they still will not have access to your account.

For information on turning on Gmail 2-step verification click here.

For information on turning on Yahoo 2-step verification click here.

Was this article helpful?
1 out of 1 found this helpful