Social engineering isn’t really a threat … or is it?
So what is it? It is a non-technical method of intrusion that hackers use where people are tricked into breaking normal security procedures.
You may have been a target of a social engineering attempt in the past without even realizing it. For example, you get a call from someone claiming to be from your bank, asking for your account details and answers to security questions. To identify if the call is legitimately from your bank, ask the caller for the banks reference number and call them back on the telephone number the bank has provided.
Those who engage in social engineering attempts are extremely stealthy in their efforts and benefit from a surprisingly high number of people who don’t recognise their message as a fake.
McAfee has posted a phishing quiz on their website, so that users can put their skills to the test and see if they can tell the legitimate email requests from the real ones. It only takes a few minutes and is very eye-opening – have a go and test yourself!
Hackers seeking to breach IT systems can begin a cyber-attack by using simple and sophisticated viruses or malware, which they inject into the information system. They often begin by tricking people into giving out passwords or other details, which the hacker then uses to access key systems to begin the attack. For this reason, we all need to be aware of what we are doing online – especially when and with whom we are talking.
Cloud, social media apps and other technologies, for example, also make it easier for hackers to target companies and consumers, stealing confidential and personal data.