GTSS Blog

Would Your Users be Tricked by Social Engineering?

Would Your Users be Tricked by Social Engineering?

The term social engineering may not seem nearly as intimidating as other cybersecurity terms like ransomware or denial of service. Don’t be deceived! Some of the biggest threats to your company’s data and network security use social engineering to manipulate targets into taking a specific action - like disclosing personal information that can be stolen and exploited.

Often overlooked by the media in favor of major data breach events, there are few types of social engineering hacks that have the capability to devastate a business.

  1. Vishing: Given the fact that the number of people who fall for phishing attacks and other email scams has declined significantly, it was only a matter of time before hackers found an alternative avenue to exploit their targets. After abandoning it a few years ago in favor to digital scams, vishing - a fraudulent voice call that seeks personal information - have once again returned as a favorite among hackers and thieves.
  2. HTTPS: SSL certificates used to ensure that a website was legitimate and secure enough to protect your personal information. Websites that have ‘https’ no longer signifies security, as hackers have begun using websites that give away SSL certificates for free and using them to lull victims into a false sense of security. To make sure a website is secure, you’ll want to look for indication of an extended validation SSL (EV-SSL) which are not offered for free! EV-SSLs are signified with a green bar.
  3. Website Copy-Cats: Scammers have become very skilled at making spoof websites that look and feel just like the authentic website but are actually littered with all typesof malware. For example, after the Equifax data loss event in June 2017, Equifax set up a website to help their clients who had their information compromised with the URL: equifaxsecurity2017.com. A spoof of that website, with the domain securityequifax2017.com, was so convincing - it even tricked Equifax themselves! A few things to keep an eye out for when trying to determine if a website is legitimate, include:
    1. Make sure the URL is correct.
    2. Avoid giving out information unless a site has an EV-SSL.
    3. Look for seals of trust from other IT security websites.
    4. Beware of misspellings, typos and broken English.
  4. Every Word Password Theft: There are a lot of hacking tools that will scan through databases - including every word in the dictionary. These tools significantly increase the likelihood that a password that includes an actual word will be cracked and exploited. The best practices are ones that mix numbers, letters and symbols that make no sense.

When it comes to digital threats, for every exploit or hack that is prevented, a few, more advanced ones are developed. The best way to keep your business, and it’s data, safe is to take proactive measures and execute safe internet practices all times - and that goes for your employees, as well! Would you like to learn more about how you can stay ahead of hackers? Call us at GTSS.

These Smartphones Make an Excellent Gift (Even To ...
Tip of the Week: Using Your Smartphone More Effect...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, December 15 2018

Captcha Image

Tag Cloud

Tip of the Week Security Privacy Best Practices Technology Cloud Hackers Microsoft Backup Google Software Business Computing Windows 10 Smartphones Business Malware Ransomware Hardware Network Security Productivity Hosted Solutions Email Computer Android Business Continuity Disaster Recovery Innovation Small Business VoIP User Tips Alert Internet Efficiency Data Social Engineering Mobile Devices Law Enforcement Smartphone Telephone Systems Data Backup Upgrade Windows Cybercrime Quick Tips Managed IT Services Communications Money How To Computers App Browser Server Chrome Miscellaneous Social Media Office Virtualization Cybersecurity Managed IT Services Collaboration Outsourced IT Network Operating System Router Office Tips Mobile Device Management Remote Computing Business Management Flexibility Passwords Spam Health Password Automation Google Drive Work/Life Balance Gadgets Windows 10 Data Recovery Wi-Fi Safety Artificial Intelligence Data Breach Communication Cloud Computing Bring Your Own Device Office 365 History Bandwidth Private Cloud Unsupported Software Hacking Data storage Black Market Public Cloud Phishing Government Workplace Tips Physical Security Automobile Spam Blocking Productivity Redundancy Mobility Avoiding Downtime End of Support Recovery Data Storage The Internet of Things Best Practice Downtime Holiday Word IT Services IT Management Data Security Microsoft Office Marketing OneNote Apps HaaS Saving Money Facebook Gmail Data Management Two-factor Authentication Internet Exlporer Update Battery Managed Service Provider Windows 7 Identity Theft IT Support Risk Management Botnet Patch Management DDoS Employer-Employee Relationship Humor Outlook Millennials Content Notifications Samsung Audit Skype Evernote Scalability USB Current Events Screen Mirroring Multi-Factor Security Worker Commute Laptop Root Cause Analysis Education Cleaning Flash Credit Cards Politics Computer Fan Travel Search Scam Software Tips Chromecast Frequently Asked Questions Workforce Audiobook Save Money Value Touchpad User Error Start Menu Knowledge Cast Trending Lithium-ion battery Monitor Wireless Google Docs Computing Infrastructure Tech Support Netflix Going Green Fraud Keyboard YouTube FENG Internet of Things Hybrid Cloud How to webinar BYOD Excel BDR Entertainment Tools Instant Messaging Network Congestion Comparison Windows 10s Experience Meetings Website Applications Shadow IT IT Support Sync Amazon Legal PDF Conferencing Apple Tip of the week Telecommuting Techology Internet exploMicrosoft IT Consultant NarrowBand Specifications Encryption Sports Vulnerability Mobile Device Music Reputation Voice over Internet Protocol Users Files Amazon Web Services Robot Information Technology Remote Monitoring Uninterrupted Power Supply Emails iPhone Windows Server 2008 Remote Work Advertising Managed IT Leadership IT Plan Wireless Technology Relocation HBO Business Intelligence VPN Computer Care Solid State Drive Online Shopping Video Games Wearable Technology Networking Data loss Customers Virtual Reality Settings Telephony Assessment CrashOverride Smart Technology Webinar Rootkit Thank You Television WiFi Two Factor Authentication Employer Employee Relationship IT solutions Compliance Troubleshooting Training Congratulations Public Computer Computer Accessories Loyalty Transportation Regulation Big Data Vendor Management Electronic Medical Records Bluetooth SaaS Benefits Books Charger Save Time Firewall Emergency Hiring/Firing Worker

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

No comments yet.