Avoid Becoming a Victim of Social Engineering

In any conversation regarding cybersecurity, the topic ultimately turns to phishing and the social engineering tactics that make this the most effective strategy for cybercriminals to hack into your computer. 

What is social engineering exactly? Wikipedia defines it as follows: “In the context of information security, social engineering is the psychological manipulation of people into performing actions or divulging confidential information.”  

Basically, social engineering tricks people into doing something that they wouldn’t otherwise do, such as, providing their passwords to the cybercriminals. According to the Verizon 2021 Data Breach Investigations Report  social engineering is the most common data breach attack method used by cybercriminals. 

What are some of the social engineering tactics? 

Social engineering has many faces. As we mentioned above, some cybercriminals might trick victims into giving their password or financial information away. Others may try to convince their victims to give them remote access to their computer or mobile device. The main focus of the bad actors are ways to gain your trust or take advantage of your curiosity by sending messages that contain malicious links or downloads. 

Some frequently used social engineering tactics involve: 

  • Impersonation:  
    An urgent request from someone known to the victim or considered a friend of the victim is a commonly used tactic by cybercriminals. Their goal is to gain trust so that they can convince their victims to give up confidential information.  
  • A legitimate-looking request from a trusted source:  
    An email, message or text that looks like it is from a legitimate organization that is interacted with on a regular basis.  
  • Sharing too much personal information online:  
    Another common method used by cybercriminals to gather information on their victims is the use of social networking sites such as Twitter, Facebook, Instagram and others and use that information to emulate or spoof services or places visited by the intended victim. Most of us provide quite a bit of personal information on these sites that cybercriminals can use to gain trust. 

Tips to avoid becoming a victim of social engineering 

  1. Slow down: If you receive an “urgent” message that requires immediate action, slow down and take a moment to consider whether an actual response is necessary. Was the message expected? Is the message normal from this person or entity? Is it a common request? Or is the request unusual? These are just a few of the questions to ask before responding to urgent requests. 
  1. Downloads: Always use a reputable web browser and examine the links being accessed before clicking on them. Downloading free apps may seem like a good idea but they may contain malicious code that can compromise a system. 
  1. Do not provide financial information or passwords: Avoid providing any confidential information to requests for help or offers to assist from people you don’t know. To take it a step further, there are very few reasons for anyone (known to you or not) to ask for this type of information. 
  1. Cybersecurity awareness training: Investing in cybersecurity awareness training helps with understanding and recognizing phishing attempts by educating and testing using phishing simulations on a regular basis. It is a great way to help strengthen the human firewall and make your people best line of defence against cyberattacks.  

Cybercriminals continue to work at their craft finding better ways to gain trust. It is important for organizations to continue to invest in their people to minimize the risks of becoming victims of social engineering.  

Contact MicroAge today to find out how we can help you. 

Get the most from your IT

As service providers to more than 300 companies, the dedicated professionals at MicroAge are second to none when it comes to managed services. By improving efficiency, cutting costs and reducing downtime, we can help you achieve your business goals!

Most commented posts

What You Need to Know about Google Tracking Your Location

Google is tracking the whereabouts of billions of its customers, even when they tell the tech giant not to. Here is what you need to know about this practice, including how to minimize the amount of data being stored about you.

Read More
tendances informatiques 2020 it trends

4 Upcoming IT Trends Businesses Need to Know About

As we look toward 2020, there are some very interesting IT trends that will affect the way businesses operate. Let’s take a look at 4…

Read More

VoIP Phone Systems

Your regular office phone system could be preventing your small business from growing. If you're not using a VoIP Phone system right now, you’re probably tied down to an office desk phone, costly monthly phone bills, and other expenses that come with a company landline and cell phone. What if there was a simple solution...

Read More

Have You Considered Device-as-a-Service?

This past year has brought with it many changes and many learnings. The word “transformation” has become one of the most used, or some would…

Read More

Preparing for Compliance to the Modernization of Privacy Laws in Canada

With all the different legislation either already enacted or being enacted in different jurisdictions, organizations may find it difficult to determine what they need to…

Read More