GTSS Blog

Would Your Users be Tricked by Social Engineering?

Would Your Users be Tricked by Social Engineering?

The term social engineering may not seem nearly as intimidating as other cybersecurity terms like ransomware or denial of service. Don’t be deceived! Some of the biggest threats to your company’s data and network security use social engineering to manipulate targets into taking a specific action - like disclosing personal information that can be stolen and exploited.

Often overlooked by the media in favor of major data breach events, there are few types of social engineering hacks that have the capability to devastate a business.

  1. Vishing: Given the fact that the number of people who fall for phishing attacks and other email scams has declined significantly, it was only a matter of time before hackers found an alternative avenue to exploit their targets. After abandoning it a few years ago in favor to digital scams, vishing - a fraudulent voice call that seeks personal information - have once again returned as a favorite among hackers and thieves.
  2. HTTPS: SSL certificates used to ensure that a website was legitimate and secure enough to protect your personal information. Websites that have ‘https’ no longer signifies security, as hackers have begun using websites that give away SSL certificates for free and using them to lull victims into a false sense of security. To make sure a website is secure, you’ll want to look for indication of an extended validation SSL (EV-SSL) which are not offered for free! EV-SSLs are signified with a green bar.
  3. Website Copy-Cats: Scammers have become very skilled at making spoof websites that look and feel just like the authentic website but are actually littered with all typesof malware. For example, after the Equifax data loss event in June 2017, Equifax set up a website to help their clients who had their information compromised with the URL: equifaxsecurity2017.com. A spoof of that website, with the domain securityequifax2017.com, was so convincing - it even tricked Equifax themselves! A few things to keep an eye out for when trying to determine if a website is legitimate, include:
    1. Make sure the URL is correct.
    2. Avoid giving out information unless a site has an EV-SSL.
    3. Look for seals of trust from other IT security websites.
    4. Beware of misspellings, typos and broken English.
  4. Every Word Password Theft: There are a lot of hacking tools that will scan through databases - including every word in the dictionary. These tools significantly increase the likelihood that a password that includes an actual word will be cracked and exploited. The best practices are ones that mix numbers, letters and symbols that make no sense.

When it comes to digital threats, for every exploit or hack that is prevented, a few, more advanced ones are developed. The best way to keep your business, and it’s data, safe is to take proactive measures and execute safe internet practices all times - and that goes for your employees, as well! Would you like to learn more about how you can stay ahead of hackers? Call us at GTSS.

These Smartphones Make an Excellent Gift (Even To ...
Tip of the Week: Using Your Smartphone More Effect...
 

Comments

Already Registered? Login Here
No comments made yet. Be the first to submit a comment

Tag Cloud

Tip of the Week Security Best Practices Technology Privacy Cloud Hackers Microsoft Google Backup Software Business Computing Windows 10 Smartphones Malware Business Ransomware Hardware Network Security Hosted Solutions Productivity Innovation Small Business Email Computer Android Business Continuity Disaster Recovery Internet Efficiency Data VoIP User Tips Alert Windows Data Backup Upgrade Cybercrime Mobile Devices Social Engineering Law Enforcement Smartphone Telephone Systems Office Cybersecurity Managed IT Services Collaboration Virtualization Outsourced IT Quick Tips Network Communications Operating System Managed IT Services Money How To Computers App Server Browser Miscellaneous Social Media Chrome Gadgets Artificial Intelligence Windows 10 Data Recovery Safety Communication Bring Your Own Device Data Breach Office 365 Cloud Computing History Router Mobile Device Management Office Tips Remote Computing Flexibility Business Management Passwords Health Password Spam Work/Life Balance Google Drive Automation Wi-Fi Best Practice Microsoft Office IT Services Data Security Marketing Word IT Management Apps HaaS Facebook OneNote Saving Money Two-factor Authentication Gmail Data Management Internet Exlporer Private Cloud Hacking Bandwidth Unsupported Software Data storage Black Market Public Cloud Government Automobile Physical Security Workplace Tips Phishing Productivity Spam Blocking Mobility Redundancy The Internet of Things Avoiding Downtime End of Support Data Storage Downtime Recovery Holiday Conferencing Tip of the week Telecommuting NarrowBand Shadow IT Internet exploMicrosoft Specifications Users Reputation Vulnerability Mobile Device Music Files IT Consultant Robot Information Technology Amazon Web Services iPhone Voice over Internet Protocol Encryption Sports Emails Windows Server 2008 Remote Work Wireless Technology Relocation Remote Monitoring Advertising HBO Business Intelligence Virtual Reality Customers Computer Care Solid State Drive Managed IT Uninterrupted Power Supply Video Games Wearable Technology Leadership IT Plan Battery Settings Telephony Online Shopping IT Support Risk Management Managed Service Provider Networking Data loss VPN Windows 7 Identity Theft Content Humor Update Patch Management Outlook Millennials Worker Commute Samsung Audit Botnet Scalability USB Laptop Employer-Employee Relationship Education Skype Evernote DDoS Politics Current Events Screen Mirroring Multi-Factor Security Notifications Flash Credit Cards Audiobook Chromecast Root Cause Analysis Search Scam Frequently Asked Questions Workforce Value Computer Fan Travel Cleaning Touchpad User Error Software Tips Save Money Computing Infrastructure Monitor Wireless Start Menu Keyboard Going Green Knowledge Cast Trending Internet of Things Hybrid Cloud Netflix Fraud Entertainment Google Docs Lithium-ion battery How to BYOD Excel BDR FENG Tech Support Instant Messaging webinar YouTube Applications Windows 10s Tools Legal Experience Network Congestion Comparison PDF IT Support Sync Amazon Techology Apple Meetings Website SaaS Books Save Time Charger Firewall Emergency Hiring/Firing Smart Technology Worker Webinar Assessment CrashOverride Two Factor Authentication Rootkit Employer Employee Relationship IT solutions Television WiFi Thank You Troubleshooting Training Compliance Transportation Computer Accessories Public Computer Congratulations Loyalty Big Data Electronic Medical Records Vendor Management Regulation Benefits Bluetooth

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

No comments yet.