What is Social Engineering?

Social engineering is deception, manipulation, and trickery to get into your computer system, and it is a big risk to your cybersecurity.

Attackers are engaging people through social media, mobile apps, and email by creating fake profiles that resemble that of someone they know; a friend, family member, colleague or CEO.  The profiles look very much like the real thing. You could receive an email with your CEO’s name as the sender, and a request in the body of the email that you don’t second guess because it is, after all, your CEO. There could be a link that they ask you to click, and you do because you trust the source.

Except the source is a fraud, and they have you right where they want you. If you click, it is highly likely that your computer will be infected with malware, allowing the attacker to take over your PC.  A good rule of thumb: think before you click.

It’s a common assumption that attacks are mostly concentrated on trying to exploit a technical vulnerability in your software. But would you believe that 97% of attackers are going about it through social engineering?

Here are 4 steps to help you avoid falling for a social engineering scheme:

  1. Check the sender of every email.

    • Do you recognize the sender’s email address as someone you typically communicate with?

    • Is the email sent from someone within your organization, or a client or vendor that sounds out of character?

    • Is it an unexpected email from someone you don’t know with hyperlinks in it?

  2. Look at the subject line.

    • Does the subject make sense with the body of the email?

    • Are there grammatical errors?

    • Is it a reply to something you never sent?

  3. Hover over hyperlinks to check for authenticity.

    • Is the address link different from the website shown? MAJOR red flag!

    • Is there spelling errors in a well-known web address?

  4. Examine the body of the email.

    • Does the email appear random and have spelling errors?

    • Are you being asked to click a link or open an attachment that seems suspicious or that you weren’t expecting? Does it look like a dangerous file type?

Keep yourself and your organization safe by being aware of social engineering schemes. If you look out for those red flags you are taking the first step to preventing your personal information from being compromised. If you’d like to have an auditor go over security measures and other ways to protect your data, connect with one of our service reps! Cybersecurity is crucial in ensuring you and your employees are protected.

Did you find this article helpful? Check out 8 Types of Phishing as well!