Social engineering attacks are scams using psychological techniques to trick you or your employees into revealing private information.
Similar to the tricks and tools used in movies such as “Oceans 11” or the television show “Mr. Robot,” these efforts can be elaborate or simple and done remotely. The risk is real and unsuspecting companies are attacked all the time. Social engineering attacks try to give off the impression that they aren’t scams at all.
The end goal of the techniques used, which we will explore more below, is for the scammer or attacker to find out as much information as possible, then use it to hack you or your company, to gain funds or intellectual material. These tricks include getting someone to insert a fake USB meant to hack you, imitating a trusted person, trying to obtain protected information through email, or attempting to have targets download a file.
Educate Your Employees
As your employees conduct their workday, many go online into their accounts, whether you realize it or not. Your employees will access search engines, email, text messages, or social media accounts. They will post photographs, work-life updates, and detailed information about your company or the people in it.
Whether your CEO is the one who spills the beans about their big trip out of the country, or an employee, alerting hackers about the times when security is lax (ex., “Everyone in the office has left for the week, except me.”), this can be a legitimate risk to any corporation or business.
Educate your employees on what details, if any, are okay to share publicly, and consider a non-disclosure agreement for anything highly private. Check the details that attackers already know about you through Social Catfish and discover which security to beef up!
Unknown USB
When people find USB drives, they tend to plug them into their computer and thus expose their information or that of their company. This isn’t an unproven theory, tests have been done, and the reality is more than anecdotal.
Theoretically, a skilled hacker could get highly sought-after intel, if even one employee inserted a USB they were sent or found. You can read more about the University of Illinois report on this.
To prevent this, education is also essential. Do not insert any USB into your company computer if its origin is unknown, as it could install malware or lead to a hack or system crash. Make sure all tech software is up to date, to help catch and prevent phishing attacks.
Unsolicited Communication
If you have people that you correspond with frequently, add them to your address book. That way, if attackers message from a different email address (which has been altered to showcase the first and last name of someone you trust), you will be more likely to notice the change. Another source of social engineering attacks is emails that seem to be professional (ex., they reference that they’re sending employee database updates or marketing information) but contain downloadable malware or links to phishing sites.
If an email seems to be from a trusted coworker or business contact, but the instructions are suspicious, call the individual directly to inquire about the content of the message. Use the phone number on their website or on your phone, not in the email sent. Also, consider speaking to your technical department or superior.
Password and Entry Off-Limits
Do not give out your password, to anyone. One example of social engineering attacks is your website server calling to alert you of a hack and needing you to verify your company’s website password. The person on the other end of the line may sound professional.
They know what they’re doing and have a lot of practice. Don’t trust any request for a password and, if you have given a password for a system to the wrong person (even a former employee!), change your password and security questions immediately.
As new phishing, vishing, spear phishing, and whaling are daily forms of social engineering attacks, be diligent and read up on the subject often.
Search through Social Catfish to see what information about you or your company is discoverable online and what you can remove.
Spear phishing is an attempt to steal sensitive info such as credit card, financial, and banking info from a victim for malicious reasons. The main difference between regular phish… Read More
A cyber attack is an offensive maneuver that targets computer information, infrastructures, computer networks, or a personal computer device. A cyber attack can be an individual, a… Read More
As the coronavirus continues to plague the nation, states have come up with their own versions of stay at home orders for us to follow. There have also been several small businesse… Read More
Phishing is an attempt to obtain private information such as usernames, passwords, and credit card information from innocent victims online. Solely for malicious reasons by disguis… Read More
Is your significant other cheating on you? Did your child secretly make a Tinder account? No matter what your dating situation or dilemma, read this a ...
Read More >>Have you ever wondered how to find out if someone has a dating profile, like your boyfriend, girlfriend, or spouse? This situation comes up more of ...
Read More >>Dating online is most people's go-to way to discover their prince charming or princess of their dreams. However, scammers know just how badly people w ...
Read More >>Are you looking for hidden online profiles? While it would be helpful if social network profiles were always easy to find, that often isn’t the case ...
Read More >>What is Catfishing on Ashley Madison? Ashley Madison is the best of what modern relationships have to offer the cheaters of the world. Their tag li ...
Read More >>You've been talking to someone online, and you start getting suspicions and you're getting some signs that you might be catfished. The person t ...
Read More >>0 Comments
Social Catfish is an online dating investigation service based in California, USA. We verify information to confirm if the person that you've met online is really who they say they are.
We do in depth checks using our own proprietary online tools to verify things like images, social profiles, phone numbers, emails, jobs and a lot more to make sure that you have the most information about the person that you've met online. We are the only company doing verification of public information such as jobs, phone numbers criminal checks as well as social profiles and images.
If you want to be aware of the latest news and catfish stories, subscribe to our newsletter!
