Mobile Menu Locations Contact

The Latest from Columbia


Guarding Yourself from Social Engineering

by User Not Found | May 02, 2018


By: Juancarlos Martinez

Cyber attackers today have learned that every network from the Pentagon with billion-dollar security measures to a small one-person business with store-bought anti-virus software all share the exact same vulnerability: employees. Fraudsters have learned that often the easiest way to steal your information, hack your accounts, or infect your systems is by simply tricking you into making a mistake using a method called social engineering. As fraudsters evolve, we are seeing an increase in the use of social engineering as a tactic to break through your firewalls and expose your personal information.

What is Social Engineering?

Social engineering is when a cyber-attacker pretends to be someone or something you know or trust, such as your bank, a coworker, or a tech support company, and then uses that trust to get what they want (passwords, credit card numbers, social security numbers etc.), usually by just asking for it. Social engineering is more than just being a con artist; it is about understanding human psychology and having a methodical way of influencing someone to either give out sensitive information or grant unauthorized access. In other words, it is not about being a good liar; it is about being an engineer who discovers ways to manipulate people for his or her advantage. Cyber attackers can launch a social engineering attack using a variety of different methods, including email, over the phone, or in person.

Red Flags of Social Engineering

  • Someone is creating a tremendous sense of urgency. If you feel like you are under pressure to make a quick decision, be suspicious.
  • Someone asking for information they should not have access to or should already know.
  • Someone pressuring you to ignore or bypass security policies and procedures.
  • Something too good to be true. If it sounds too good to be true, it normally is.

Common Social Engineering Tactics

  • Phishing scams: Emails or phone calls asking you to reveal personal information.
  • Pretexting: Scammers create a fabricated scenario that they use to try to obtain personal information.
  • Baiting: Use of incentives and goods to lure users into signing up for offers and expose personal information. Social engineer exploits your curiosity by disguising malware or malicious files as generic software or updates.
  • Quid Pro Quo: Incentivizes users to share personal information in exchange for services.
  • Tailgating: Someone without access or credentials following authorized personnel into restricted areas.

Protecting Yourself from Social Engineers

Step 1: Be a Skeptic

Phishing scams are a great example of social engineering in the tech age. Scammers play on your familiarity with certain email senders and use persuasive language and enticing links to scam you into clicking on links that may contain malware. Fraudsters can imitate people or brands that you inherently trust to get you to open infectious links or files. The easiest way to protect yourself from these attacks is to be a skeptic. Do not believe every email is from the sender; don't fall for every too good to be true offer; and don't open links or attachments from unknown sources.

Step 2: Be Aware

Being aware of your surroundings is key to keeping them safe. Keep a vigilant eye out for anything suspicious, both online and off. Try these simple suggestions for protecting your surroundings from social engineers at work, at home and beyond:

  • Know your company's privacy policy.
  • Lock down all devices when you are away.
  • Do not share passwords or credentials with others.
  • Keep sensitive information safe by keeping paperwork and bills in a safe, preferably locked place.
  • Shred your paperwork containing personal information.
  • Be wary of strangers in your personal space.
  • Never click on links from within suspicious emails.
  • Do not open email attachments from unknown sources.
  • Do not attach external storage devices to your computer if you are unsure of their source.

Step 3: Be Proactive

Sometimes the difference in maintaining safe accounts and experiencing a breach is thanks to proactive online safety. Taking simple steps to be proactive with your online security can help you avoid having to be reactive when things have already been compromised. Read our blog post, Five Ways to be Proactive With Your Online Security, for tips on keeping your information safe.

Remember, social engineers play to human error. You are the first step to keeping your information safe, so be a skeptic; stay aware and be proactive whenever you can to maintain the integrity of your private information online and off.

 

Share:

connect nearby or online

Click to Share Your Location

We'll find a branch near you. You can also visit the locations page or contact us.

Enter a zip code to find the
nearest branch
submit

Connect with CB

Consider This

May we interest you in...



Follow Columbia Bank