Social engineering is the art of manipulating or deceiving users into taking an action or divulging sensitive information. No amount of security preventatives can overcome a business’ most exploitable resource, its employees.
The most common method used in social engineering attacks is phishing. This relies on human error to glean credentials or spread malware through infected email attachments or malicious links.
Watch out for these three types of social engineering schemes.
Phishing. Email-based social engineering targeting an organization.
Spear Phishing. Email-based social engineering targeting a specific person or role.
USB Attacks. An attack that uses thumb drives to install malware on your computer.
Tailgating. When a hacker bypasses physical access controls by following an authorized person inside.
Smishing. Text-based social engineering.
Vishing. Over-the-phone-based social engineering.
Stop. Look. Think. Before clicking on a link or opening an attachment via email, verify it’s legitimate. If it is from a website, visit the site directly rather than clicking on the link. Confirm with the sender over the phone or in person before opening suspicious attachments. This applies to both text and email links.
Similarly, before providing information over the phone it is better to be firm than insecure. Ask that person if you can call them back to confirm the accuracy of the request before complying.
On-Going Training And Education.
Bridgehead IT offers employee training, phishing simulations, and other security methodologies that seek to protect employees and businesses from threat actors. Through our partnership with KnowBe4, our cyber security team works with clients to stay informed on your specific environment and the unique challenges it faces.
Amateurs hack systems, professionals hack people.
— Bruce Schneier
Total Technology Solutions For Your Business
Our services are engineered to meet the specific objectives of each client. That starts with having the right people, who are experts in their field to develop solutions that support our clients.
Thoughtful solutions, not quick fixes.