How to Protect Yourself Against Social Engineering
Posted: November 15, 2017 | Author: Mark Walton | Read Time: 2 minutes
There is a recurring need to be aware of social engineering. According to the SANS Institute's October 2017 Security Awareness Newsletter, "Social engineering is a common technique used by cyber attackers to trick or fool people into doing something they should not do, such as sharing their password, infecting their computer, or sharing sensitive information."
Southern Utah University’s Director of IT Security Mark Walton works to protect campus employees from all types of cyber attacks. In his October 2017 monthly newsletter to the university, he sheds light on social engineering and different strategies hackers use to obtain personal information.
“Email is probably the most common way we are contacted by social engineers,” said Walton. “These phishing emails often try to get us to click on links or open attachments, which could trick us into entering our credentials into a fake site, or installing malware on our computer.”
Here are a few other ways that we might be social engineered:
Vishing: Vishing is Voice Phishing, or simply, via a phone call. We might get a phone call from "Microsoft" claiming that our computer is infected, or the "IRS" stating that we are delinquent in paying our taxes. Please be suspicious of any unsolicited phone calls from "official" organizations, whether commercial or government. These kinds of calls are completely fraudulent, and they'll try and use scare tactics to try and get you to respond.
Smishing: Smishing is SMS or Text Phishing. Be careful of any text message that you receive asking you to tap on a link to install an update, or to visit a web site.
Search Engine Results: Bad guys will create web sites that appear to resemble legitimate sites and that provide software infected with malware. If a user isn't careful, they may search for a particular site, click on the fake web site instead of the genuine one, and thus download and install software infected with malware. Whenever you perform a search using Google, Bing, or other search engines, they often display "sponsored ads" at the top of the list of returned sites. Please ensure that you are visiting the official site. I had this happen within my own home when my son wanted to update the video drivers on our laptop. He performed a Google search, and simply clicked on the first site listed, which was one of these fake sites. He subsequently installed the downloaded drivers that were infected with malware.
SUU’s Master of Cyber Security and Information Alliance program trains students in defending networks from external threats and gives experience in counter intelligence, defense, homeland security, and law enforcement. Learn more about cyber security at SUU.
This article was published more than 3 years ago and might contain outdated information or broken links. As a result, its accuracy cannot be guaranteed.
Tags: Computer Science Blog Graduate Programs