312-253-4321    Get SUPPORT

Alchetec Blog

Social Engineering and Your Business

Social Engineering and Your Business

As prevalent as cybersecurity threats unfortunately are today, many users tend to overlook major threats that they just aren’t focused on nearly as much: social engineering attacks. Social engineering attacks are just another means for a cybercriminal to reach their desired ends, and therefore needed to be protected against.

What is Social Engineering?

Social Engineering is the act of manipulating people into providing access credentials to criminals that aren’t supposed to have access to a system. To do this, the social engineer uses his/her influence (real or not) to trick people into supplying the needed information.

The act of social engineering can be approached in multiple ways. Hackers can take advantage of user carelessness, they can come in as a helpful party, they can take advantage of an individual’s fear, and they can exploit a person’s comfort zone. Let’s take a look at each.

User Carelessness

Despite the need for information systems, companies largely depend on individual users to secure their own endpoints. Sure, they will put in place a set of tools designed to keep network resources secure, but overall, it is important for each user to maintain vigilance over their own workstation and other network-attached devices. If they aren’t, scammers can obtain access fairly easily. 

If they can’t use spam or phishing messages to gain access, they may have to try an alternate method. For example, a scammer may gain access to your workspace. If your people ignore best practices for convenience and leave credentials or correspondence out in the open, a scammer looking for things like this will be able to leverage that mishap into access most of the time. 

Perceived Helpfulness

Most people will help people that are having trouble. The impulse to be helpful can be taken advantage of if the “victim” is a hacker. People can hold the door for a cyberthief giving them access to your office. They can use information syphoned from the web to gain a person’s trust and then use the trusting nature of good people for nefarious means. Moreover, it is natural to want to help someone, so you and your staff have to be careful that they are, in fact, in need of help and not looking to steal access to company resources.

Working Within the Comfort Zone

Most workers do what they are told. If they have somewhat repetitive tasks, they may grow complacent. Social engineering tactics will take advantage of this, especially at a large company. The scammer will get into your office and if some employees are used to random people just milling around, they won’t really pay any mind. 

We typically like to think about hackers as loners that sit in the dark and slurp energy drinks while they surf the Dark Web. While this description is fun, it’s not realistic. Hackers, the ones that you should be worried about, know your company’s weakest points and will take advantage of them. If that weakest link is the complacency of your employees, that will be the way they will approach it. Unfortunately, this also technically includes insider threats.

Fear Tactics

Getting someone to do something out of fear is effective, but can be risky. The more fear someone has, the more they will look to others to help mitigate it. That’s why most fear tactics, nowadays, come in the form of phishing messages. Using email, instant messaging, SMS, or other means to get someone worried enough to react to a threat takes a believable story that could produce an impulsive reaction by a user. Fear has long been known to be a powerful motivator, so it really is no surprise that cybercriminals would resort to this means to coerce their targets into compliance. 

We Can Help 

If you would like more information about social engineering or any other cybersecurity issue, contact the IT experts at Alchetec at 312-253-4321. 

Why is My Network Slow?
Google is Introducing Verified Business SMS to And...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, April 09 2020

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Productivity Business Computing Cloud Data Network Security Data Backup IT Services Privacy Hosted Solutions Malware Software IT Support Email Hackers Internet Outsourced IT Microsoft Data Recovery Innovation Computer Business Hardware Efficiency Business Continuity Productivity Cloud Computing Managed IT Services User Tips Backup Upgrade Mobile Devices Tech Term Ransomware Google Cybersecurity Managed IT Services Phishing Small Business Collaboration Windows 10 Workplace Tips Communication Business Management VoIP IT Support Smartphones Android Paperless Office Remote Monitoring Disaster Recovery Data Management Managed Service Office 365 Communications Mobile Device Server Internet of Things Managed IT Managed Service Provider Smartphone Facebook Encryption Network Passwords Save Money Quick Tips Help Desk Holiday Miscellaneous Social Media Wi-Fi Virtualization BDR Artificial Intelligence Browser Healthcare Saving Money Business Technology BYOD Windows 10 Government Compliance Windows 7 Document Management Windows Applications Risk Management Employer-Employee Relationship Laptops Vendor Management Training Microsoft Office Automation Password Storage Infrastructure Tip of the week Data loss Avoiding Downtime Processor Unified Threat Management Blockchain Antivirus Going Green Redundancy Mobility SaaS Vulnerability Apps Maintenance IT Management Scam Analytics Project Management Telephone Systems File Sharing Bandwidth Chrome Office Recovery Information Computers Robot Data Security Money Firewall Gmail Router App Politics Software as a Service Wireless Mobile Device Management Tablet Machine Learning Two-factor Authentication Virtual Reality IoT IT Service Work/Life Balance Data Storage Regulations Meetings OneDrive RMM Word Computing Company Culture Gadgets VPN Customer Relationship Management Big Data Bring Your Own Device Access Control Users Files Virtual Private Network Website Hosted Solution Downtime Unified Communications Upgrades Customer Service Digital Payment Chromebook Monitoring Management Identity Theft Smart Technology Display Licensing Net Neutrality Twitter Social Network How To Electronic Health Records Assessment HIPAA Health Consulting File Management Social Monitors Internet Exlporer Patch Management Hard Drive Remote Computing Time Management Consultation Payment Cards Apple Electronic Medical Records Proactive Search Uninterrupted Power Supply Managed Services Provider Cooperation Augmented Reality How To Employees Employee-Employer Relationship Mobile Security Network Management Co-Managed IT Remote Monitoring and Management Professional Services Managed Services The Internet of Things Flexibility Server Management Remote Workers Recycling Settings Alert Operating System Utility Computing Printing Networking Solid State Drive Dark Web Outlook Samsung Fleet Tracking Tech Terms Projects Gamification Computer Care WannaCry Black Market Bookmarks Google Drive Chatbots Cables Cyber security GDPR Digitize Taxes Hard Disk Drive Features Firefox Wearable Technology Wasting Time Enterprise Content Management Smart Devices Computer Repair Crowdsourcing Data Warehousing Human Error Statistics Smart Tech SharePoint Botnet Computing Infrastructure ROI Mail Merge Remote Work Unsupported Software Spyware Notifications Authentication Technology Laws Options Credit Cards Sports Asset Tracking Theft Shortcut Cost Management Return on Investment 3D Printing Physical Security Favorites Identity Teamwork Techology Spam Downloads Shadow IT Business Growth Database Lenovo Vulnerabilities Sensors Dark Data MSP Microsoft Excel Permission Bluetooth Connectivity Wireless Internet Holidays Social Engineering Disaster Alerts Notes Address Enterprise Resource Planning Mobile Data Distributed Denial of Service Authorization Heating/Cooling Modem Unified Threat Management Software Tips Telephony OneNote Financial Technology Tips Active Directory WiFi VoIP Conferencing Shared resources Disaster Resistance Windows Server 2008 Test Multi-Factor Security Outsourcing Automobile Cyberattacks IT Technicians Voice over Internet Protocol Superfish Geography Employer/Employee Relationships IT Cybercrime Emoji PowerPoint Mobile Value of Managed Services Managed IT Service Servers Cookies User Error Tech Support Procurement Cache Mouse Windows Server Wireless Technology 5G GPS IT Solutions YouTube Processors Social Networking Proactive IT Law Enforcement Permissions Hacking Star Wars Google Calendar Bitcoin Video Conferencing Safety Information Technology USB Read Only Mirgation High-Speed Internet Telephone IBM Network Congestion Google Maps Legal Proactive Maintenance Business Telephone Hacker Travel Private Cloud Point of Sale Staff Humor Supercomputer Personal Information Wires Break Fix Zero-Day Threat Nanotechnology Printer Content Filtering End of Support History Update Hotspot Security Cameras Comparison User Management Cortana Tracking Black Friday Instant Messaging Touchscreen Motherboard Manufacturing IT Consulting Optimization Gadget WPA3 Fraud Trending Legislation Current Events Biometric Corporate Profile Migration Transportation Development Mobile VoIP Education Database Management IT Assessment E-Commerce Operations Virtual Assistant Managing Stress Vendor Office Tips IT Budget Virus Backup and Disaster Recovery Websites Screen Reader G Suite Cabling Language Remote Worker eWaste Specifications Batteries Digital Cyber Monday Finance Mobile Computing Hard Disk Drives Data Breach Solid State Drives Virtual Machines Hiring/Firing Students Mobile Office Public Cloud Regulation Fun Domains Sync Outsource IT Staffing IT Consultant Public Speaking CrashOverride Hacks Mobile Device Managment Laptop Presentation Lithium-ion battery Hard Drives Administrator Relocation Marketing Budget Competition Cleaning Printers IP Address Motion Sickness Error Emergency