What Is Social Engineering?

The best firewall and software security cannot stop social engineering.

Social engineering, the art of manipulating or deceiving users into taking an action or divulging sensitive information. No amount of security preventatives can overcome a business’ most exploitable resource, it’s employees.

The most common method used in social engineering attack is phishing. This relies on human error to glean credentials or spread malware through infected email attachments or malicious links.

Watch out for these three types of social engineering schemes.

Digital Attacks.

Phishing. Email-based social engineering targeting an organization.

Spear Phishing. Email-based social engineering targeting a specific person or role.

In-Person Attacks.

USB Attacks. An attack that uses a thumb drive to install malware on your computer.

Tailgating. When a hacker bypasses physical access controls by following an authorized person inside.

Phone Attacks.

Smishing. Text-based social engineering.

Vishing. Over-the-phone-based social engineering.

Preventative Measures.

Stop. Look. Think. Before clicking on a link or opening an attachment via email, verify it’s legitimate. If it is from a website, visit the site directly rather than clicking on the link. Confirm with the sender over the phone or in-person before opening suspicious attachments. This applies to both text or email links.

Similarly, before providing information over the phone it is better to be firm than insecure. Ask that person if you can call them back to confirm accuracy of request before complying.

On-Going Training And Education.

Bridgehead IT offers employee training, phishing simulations, and other security methodologies that seek to protect employees and businesses from threat actors. Through our partnership with KnowBe4, our cyber security team works with clients to stay informed on your specific environment and the unique challenges it faces.

Amateurs hack systems, professionals hack people.

— Bruce Schneier

Total Technology Solutions For Your Business

Our services are engineered to meet the specific objectives of each client. That starts with having the right people, who are experts in their field to develop solutions that support our clients. 

Thoughtful solutions, not quick fixes.