Contact us today!

Network Solutions Unlimited Blog

Network Solutions Unlimited has been serving the Decatur area since 2013, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Could You Spot a Social Engineering Attack?

Could You Spot a Social Engineering Attack?

As invaluable as the security solutions that protect a network are, they can be effectively rendered useless if a cybercriminal is skilled in social engineering. Social engineering is the practice of using manipulation to access protected resources, as we will review later. If your business and its team are vulnerable to a social engineering attempt, you are missing a critical piece of your data security strategy.

What Makes Social Engineering Effective?
Social engineering is the equivalent of pointing to an imaginary spot on someone’s shirt, only to flick their nose when they look down -- by posing as someone trustworthy, a cybercriminal is given the opportunity to do as they will with a business’ data. These attacks have two factors going in their favor.

First, a social engineering attack isn’t the kind of attack that the average user is on the lookout for. They will have instead heard about botnets and ransomware and other big, external threats, and so won’t think to question what seems to be a legitimate-looking message.

Secondly, there is plenty of data readily available on the Internet to help build a convincing social engineering attack. This data is referred to as open-source intelligence.

Open-source intelligence can come from a vast array of data sources, which only assists an aspiring social engineer. Through some digging on the Internet, a social engineer can find plenty of information that better informs their attack.

What the Internet Can Provide
With the right research, a social engineer can compile an unnervingly comprehensive profile of a business, its employees, its operations, and more. Some very brief and incomplete examples are as follows:

Information about the kind of technology a business leverages is surprisingly common online. Job postings, for example, often identify the hardware and operating system a company uses to ensure that an applicant has a familiarity with the systems they would be working with. The trouble is, this also helps a criminal by identifying which exploits will be effective against a company. Furthermore, if a company isn’t careful, their social media images could provide a cybercriminal with information about their networking hardware.

Employee Information
It is also common for people to overshare on social media, which can easily lead to company information being shared as well. This includes, in addition to the access of information many allow to be publicly available via social media, images from within the workplace. Such images often reveal the kind of computer used by employees, as well as the contents of their screens and any information displayed on them.

Additionally, many people will discuss their work schedule on social media, as well as provide a detailed account of their professional experience, giving a social engineer more data to work with.

Vendors and Other Companies
External services that provide for a company can help a social engineer gain access to that company, especially if the service provider uses them as evidence of value on their website. Janitorial services and trash pickup services are especially valuable, as data could potentially be stolen after it leaves a business’ premises.

In short, while protecting your data with firewalls, authentication requirements, and other digital measures is crucial, it is just as crucial to also ensure that your employees are aware of the dangers that social engineering can bring. Establishing processes to help thwart social engineering attempts is something that every company should do, as it will help to protect them from these attacks.

For help in planning these processes, reach out to Network Solutions Unlimited at 217-428-6449.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Sunday, 18 March 2018

Captcha Image

Mobile? Grab this Article!


Tag Cloud

HIPAA Transportation Applications HBO Colocation Networking Remote Computing Project Management Worker Innovation Alert Vulnerability VPN SaaS OneNote Downtime Regulation Bluetooth Customer Black Market IT Support Root Cause Analysis Microsoft Word Public Cloud Quick Tips Education How To Windows 10s Audit Advertising HaaS Television Communications Chromecast Network Security Bring Your Own Device Windows iOS Law Enforcement Upgrades Safety Productivity Email Data Storage IT budget Software Business Computing Assessment Credit Cards CrashOverride Windows Ink Managed IT Services Word Comparison Conferencing Patch Management Internet of Things Hardware Tech Term IT Services Touchscreen Hackers VoIP Hosted Solutions Marketing Risk Management Politics Loyalty Android Telephone Systems Computer Care Google User Tips Money Touchpad Business Intelligence Computers Monitor Solid State Drive Wireless Charging Compliance Managed IT Chrome Software as a Service Thank You Big Data Best Practices Office History Save Money Electronic Medical Records Administration Legal Gifts intranet How to Travel IoT Best Practice IT solutions Workers Physical Security Internet Exlporer Experience Phone System Automation Computer Accessories Social Engineering Miscellaneous Worker Commute Updates Two-factor Authentication Webinar Books Small Business Reputation Managed IT Service Unsupported Software Video Games Wi-Fi Holiday Microsoft Excel Mobility Charger Sales Firewall Cloud Computing Data The Internet of Things Bandwidth Augmented Reality Gadgets Cost Management Cast Privacy Hard Drives Facebook Malware Business Continuity Cybercrime Cortana Mobile Data Security Specifications Cloud Mobile Devices Proactive Computer Fan WiFi Operating System Techology Excel Public Computer Productivity Nanotechnology Hard Disk Drive Tablets Google Drive Scam Spam Blocking Health Screen Mirroring Laptop PDF Scalability Congratulations Shadow IT Hacking Legislation Edge Flexibility Managed Service Provider Training Mobile Device Windows 10 Internet Office 365 Efficiency Ciminal Mobile Device Management Wireless Two Factor Authentication App Content Device Security Google Maps Language Identity Theft Apple Work/Life Balance Microsoft Application Evernote Password Upgrade Virus Emergency Search Data Loss Rootkit Smartphones Retail Backup Professional Services eWaste Social Media Websites Microsoft Office Data Recovery Data Breach Vendor Management Battery Data Backup Collaboration Save Time Disaster Recovery Network iPhone MSP Meetings Hiring/Firing Audiobook Robot Storage Recovery Spam Encryption Google Docs Going Green Adobe Security End of Support Outsourced IT USB Router Value Remote Monitoring Smartphone User Error Consultant Dark Web Employer Employee Relationship Government Browser Users Entertainment Managed IT Services Content Filtering Fraud Personal Information Samsung Passwords Emails Employer-Employee Relationship Cache IT Solutions Business WIndows Server 2008 Maintenance Lifestyle Humor Cybersecurity Technology Virtualization Private Cloud Monitors Phishing Shortcut Relocation Devices Wireless Technology Apps Computing Infrastructure Licensing WannaCry IT Support Keyboard Smart Technology Budget Tip of the Week Windows 10 Saving Money Sync Business Management Tech Support Antivirus Hybrid Cloud IT Management Ransomware Data storage Proactive IT Document Management BYOD Commerce Identities Business Owner Benefits Update Server Outlook Data Management Sports Files Internet exploMicrosoft Artificial Intelligence Instant Messaging Troubleshooting Settings Virtual Reality Automobile Computer Blockchain Spyware hacker Data Protection Gmail Unified Threat Management Avoiding Downtime NFL Hosted Solution Cleaning Office Tips Information Technology File Sharing Redundancy Workplace Tips FAQ BDR

Sign Up for Our Newsletter

  • Company Name *
  • First Name *
  • Last Name *