Contact us today!

Network Solutions Unlimited Blog

Could You Spot a Social Engineering Attack?

Could You Spot a Social Engineering Attack?

As invaluable as the security solutions that protect a network are, they can be effectively rendered useless if a cybercriminal is skilled in social engineering. Social engineering is the practice of using manipulation to access protected resources, as we will review later. If your business and its team are vulnerable to a social engineering attempt, you are missing a critical piece of your data security strategy.

What Makes Social Engineering Effective?
Social engineering is the equivalent of pointing to an imaginary spot on someone’s shirt, only to flick their nose when they look down -- by posing as someone trustworthy, a cybercriminal is given the opportunity to do as they will with a business’ data. These attacks have two factors going in their favor.

First, a social engineering attack isn’t the kind of attack that the average user is on the lookout for. They will have instead heard about botnets and ransomware and other big, external threats, and so won’t think to question what seems to be a legitimate-looking message.

Secondly, there is plenty of data readily available on the Internet to help build a convincing social engineering attack. This data is referred to as open-source intelligence.

Open-source intelligence can come from a vast array of data sources, which only assists an aspiring social engineer. Through some digging on the Internet, a social engineer can find plenty of information that better informs their attack.

What the Internet Can Provide
With the right research, a social engineer can compile an unnervingly comprehensive profile of a business, its employees, its operations, and more. Some very brief and incomplete examples are as follows:

Information about the kind of technology a business leverages is surprisingly common online. Job postings, for example, often identify the hardware and operating system a company uses to ensure that an applicant has a familiarity with the systems they would be working with. The trouble is, this also helps a criminal by identifying which exploits will be effective against a company. Furthermore, if a company isn’t careful, their social media images could provide a cybercriminal with information about their networking hardware.

Employee Information
It is also common for people to overshare on social media, which can easily lead to company information being shared as well. This includes, in addition to the access of information many allow to be publicly available via social media, images from within the workplace. Such images often reveal the kind of computer used by employees, as well as the contents of their screens and any information displayed on them.

Additionally, many people will discuss their work schedule on social media, as well as provide a detailed account of their professional experience, giving a social engineer more data to work with.

Vendors and Other Companies
External services that provide for a company can help a social engineer gain access to that company, especially if the service provider uses them as evidence of value on their website. Janitorial services and trash pickup services are especially valuable, as data could potentially be stolen after it leaves a business’ premises.

In short, while protecting your data with firewalls, authentication requirements, and other digital measures is crucial, it is just as crucial to also ensure that your employees are aware of the dangers that social engineering can bring. Establishing processes to help thwart social engineering attempts is something that every company should do, as it will help to protect them from these attacks.

For help in planning these processes, reach out to Network Solutions Unlimited at 217-428-6449.

Can You Trust Your Mobile Apps?
Tip of the Week: Awareness is Key to Mobile Device...


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Saturday, September 22 2018

Captcha Image

Mobile? Grab this Article!


Tag Cloud

Hard Drive Websites MSP Data Business Technology Tip of the Week Employer Employee Relationship Windows intranet Automation Tech Support Big Data Application CrashOverride Physical Security App Bluetooth How to Testing Google Drive Avoiding Downtime Business Internet Reputation Patch Management Facebook HIPAA Two Factor Authentication Thank You Mobile Devices Credit Cards Google SaaS Augmented Reality Data storage Productivity Software Memory User Tips Training OneNote Samsung Hardware Specifications Password Education Public Cloud Business Owner Server Customer Managing Stress Sync Managed IT Services Virtual Assistant Best Practice Computer Accessories Malware Security Rootkit Best Practices Health Artificial Intelligence File Storage Office IoT WPA3 Users Outlook Managed IT Service Wasting Money Internet Exlporer Vulnerability Going Green Windows 10s Windows 10 Saving Money Mobility Router Screen Mirroring Updates Spam Blocking Employer-Employee Relationship BYOD Update Project Management Identity Theft Search Gadgets Alexa for Business Printers Browser Encryption Monitoring Instant Messaging Vendor Management Risk Management Phone System Camera WannaCry Law Enforcement Hard Disk Drive Two-factor Authentication Management Scam Tech Term Virus Politics Data Loss Telephone Systems Techology Data Breach End of Support Cloud Device Security Assessment Touchscreen How To IT Solutions Small Business Wireless Communications Streaming Media Scalability Analysis Software as a Service Black Market Keyboard Smartphones Loyalty Connectivity Financial Downtime Emails Excel Hosted Solutions Commerce Computer Relocation Miscellaneous Personal Information Computer Forensics Information Bring Your Own Device hacker Proactive HaaS Legislation Upgrades IT solutions Data Protection Transportation Communication Worker HBO Workers Adobe Phishing Privacy Data Storage Webinar Public Computer Mobile Security IT Management Devices Managed Service Provider Television Office Tips Shortcut Comparison Congratulations Unified Threat Management Consultant Sports Holiday Cast Ciminal Hard Drives Electronic Medical Records Robot Computer Fan Computers Cybercrime Troubleshooting Unified Communications Solid State Drive Managed IT WiFi User Error Audit Students Save Time Compliance Work/Life Balance Network Passwords Conferencing Cache Unsupported Software Regulation Backup Redundancy FAQ NFL Virtual Reality Colocation Internet exploMicrosoft Network Security Managed IT Services Blockchain Nanotechnology Twitter Data Recovery Shadow IT Microsoft Office iPhone Travel Smart Tech Chromecast Bandwidth Professional Services File Sharing USB PDF Monitors Gamification Technology Hacking Identities Wireless Charging Lifestyle Humor Gmail Quick Tips Business Continuity Business Computing Content Filter Business Intelligence Data Security Fraud VoIP Language Projects Smart Technology IT Support Computing Infrastructure Proactive IT Computing Entertainment Upgrade Licensing Spyware IT Services Internet of Things Cybersecurity Emergency Data Management The Internet of Things Laptop Battery Wi-Fi Company Culture Monitor Hiring/Firing Wireless Technology Files Wireless Internet Cost Management WIndows Server 2008 Hybrid Cloud iOS Budget BDR Video Games Apps Outsourced IT Money Chrome Mobile Ransomware Productivity History Marketing Mobile Device Management Social Engineering Hosted Solution Audiobook Operating System Microsoft Printing App store Information Technology Cortana Networking Google Maps Data Theft Spam Touchpad Evernote Cleaning Identity Hackers Flexibility Google Docs Dark Web Vendor Private Cloud Efficiency Smartphone Root Cause Analysis Social Media Administration Books Storage Save Money Data Backup Remote Monitoring Workplace Tips Maintenance VPN Experience Applications Sales eWaste Email Mobile Device Financial Technology Employee-Employer Relationship Value Gifts Firewall Government Alert Google Assistant PowerPoint Meetings Microsoft Excel Innovation Antivirus Android Apple Amazon Managed Service Recovery Safety Content Legal Benefits Virtualization Cloud Computing Edge Retail IT Support Windows 10 Tablets Advertising Automobile IT budget Disaster Recovery Settings Office 365 Business Management Data Privacy Worker Commute Charger Computer Care Windows Ink Word Remote Computing Collaboration Microsoft Word Document Management Chromebook Content Filtering