Would Your Users be Tricked by Social Engineering?

Would Your Users be Tricked by Social Engineering?

The term social engineering may not seem nearly as intimidating as other cybersecurity terms like ransomware or denial of service. Don’t be deceived! Some of the biggest threats to your company’s data and network security use social engineering to manipulate targets into taking a specific action - like disclosing personal information that can be stolen and exploited.

Often overlooked by the media in favor of major data breach events, there are few types of social engineering hacks that have the capability to devastate a business.

  1. Vishing: Given the fact that the number of people who fall for phishing attacks and other email scams has declined significantly, it was only a matter of time before hackers found an alternative avenue to exploit their targets. After abandoning it a few years ago in favor to digital scams, vishing - a fraudulent voice call that seeks personal information - have once again returned as a favorite among hackers and thieves.
  2. HTTPS: SSL certificates used to ensure that a website was legitimate and secure enough to protect your personal information. Websites that have ‘https’ no longer signifies security, as hackers have begun using websites that give away SSL certificates for free and using them to lull victims into a false sense of security. To make sure a website is secure, you’ll want to look for indication of an extended validation SSL (EV-SSL) which are not offered for free! EV-SSLs are signified with a green bar.
  3. Website Copy-Cats: Scammers have become very skilled at making spoof websites that look and feel just like the authentic website but are actually littered with all typesof malware. For example, after the Equifax data loss event in June 2017, Equifax set up a website to help their clients who had their information compromised with the URL: equifaxsecurity2017.com. A spoof of that website, with the domain securityequifax2017.com, was so convincing - it even tricked Equifax themselves! A few things to keep an eye out for when trying to determine if a website is legitimate, include:
    1. Make sure the URL is correct.
    2. Avoid giving out information unless a site has an EV-SSL.
    3. Look for seals of trust from other IT security websites.
    4. Beware of misspellings, typos and broken English.
  4. Every Word Password Theft: There are a lot of hacking tools that will scan through databases - including every word in the dictionary. These tools significantly increase the likelihood that a password that includes an actual word will be cracked and exploited. The best practices are ones that mix numbers, letters and symbols that make no sense.

When it comes to digital threats, for every exploit or hack that is prevented, a few, more advanced ones are developed. The best way to keep your business, and it’s data, safe is to take proactive measures and execute safe internet practices all times - and that goes for your employees, as well! Would you like to learn more about how you can stay ahead of hackers? Call us at GTSS.

These Smartphones Make an Excellent Gift (Even To ...
Tip of the Week: Using Your Smartphone More Effect...
 

Comments

Already Registered? Login Here
No comments made yet. Be the first to submit a comment

Tag Cloud

Tip of the Week Security Privacy Best Practices Technology Cloud Hackers Microsoft Backup Google Software Business Computing Windows 10 Smartphones Business Malware Hardware Network Security Ransomware Hosted Solutions Productivity Android Email Computer Business Continuity Innovation Small Business Disaster Recovery Data VoIP User Tips Internet Efficiency Alert Social Engineering Windows Data Backup Cybercrime Mobile Devices Smartphone Telephone Systems Upgrade Law Enforcement Office Managed IT Services Communications Managed IT Services Cybersecurity App Quick Tips Browser Money How To Computers Server Virtualization Collaboration Outsourced IT Social Media Network Miscellaneous Operating System Chrome Windows 10 Safety Office Tips Remote Computing Bring Your Own Device Data Breach Flexibility Cloud Computing Data Recovery History Passwords Mobile Device Management Communication Router Password Work/Life Balance Business Management Wi-Fi Gadgets Artificial Intelligence Health Spam Google Drive Automation Office 365 Avoiding Downtime Bandwidth IT Management Marketing OneNote Workplace Tips Data Security Automobile Word Productivity Mobility Private Cloud Unsupported Software Hacking Two-factor Authentication Recovery Data storage Government Best Practice Black Market Public Cloud Holiday IT Services Microsoft Office Phishing Physical Security Spam Blocking Apps HaaS End of Support Facebook The Internet of Things Gmail Data Storage Saving Money Internet Exlporer Redundancy Data Management Downtime NarrowBand Patch Management Excel BDR Internet exploMicrosoft Content Conferencing Scalability USB Vulnerability Comparison Notifications Files Worker Commute IT Consultant Tools DDoS Reputation Website iPhone Education Sync Amazon Robot Information Technology Politics Wireless Technology Relocation Search Scam Tip of the week Telecommuting Advertising Audiobook Emails Cleaning Computer Care Solid State Drive Specifications Save Money Leadership IT Plan Customers Settings Voice over Internet Protocol Lithium-ion battery Managed Service Provider Computing Infrastructure Networking Data loss Amazon Web Services Keyboard Humor How to Windows Server 2008 Remote Work Entertainment Remote Monitoring Tech Support Instant Messaging Samsung Audit HBO Business Intelligence YouTube Laptop Employer-Employee Relationship Managed IT Applications Current Events Screen Mirroring Telephony Online Shopping Legal Experience Chromecast Root Cause Analysis Windows 7 Identity Theft Techology Update Shadow IT Value Computer Fan Outlook Millennials Touchpad User Error Software Tips Botnet Music Multi-Factor Security Encryption Sports Going Green Users Knowledge Cast Skype Evernote Monitor Wireless Mobile Device Flash Credit Cards Internet of Things Hybrid Cloud Netflix FENG Frequently Asked Questions Workforce webinar BYOD Travel Uninterrupted Power Supply Video Games Wearable Technology Windows 10s Trending VPN Virtual Reality Network Congestion Start Menu Google Docs Apple Battery Meetings Fraud PDF IT Support Risk Management IT Support SaaS Charger Two Factor Authentication Thank You Troubleshooting Worker Transportation Assessment CrashOverride Congratulations Webinar Big Data Rootkit Electronic Medical Records Benefits Television Employer Employee Relationship IT solutions Books Training Save Time Firewall Public Computer Computer Accessories WiFi Emergency Loyalty Vendor Management Hiring/Firing Smart Technology Bluetooth

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

No comments yet.