Contact us today!

Network Solutions Unlimited Blog

Could You Spot a Social Engineering Attack?

Could You Spot a Social Engineering Attack?

As invaluable as the security solutions that protect a network are, they can be effectively rendered useless if a cybercriminal is skilled in social engineering. Social engineering is the practice of using manipulation to access protected resources, as we will review later. If your business and its team are vulnerable to a social engineering attempt, you are missing a critical piece of your data security strategy.

What Makes Social Engineering Effective?
Social engineering is the equivalent of pointing to an imaginary spot on someone’s shirt, only to flick their nose when they look down -- by posing as someone trustworthy, a cybercriminal is given the opportunity to do as they will with a business’ data. These attacks have two factors going in their favor.

First, a social engineering attack isn’t the kind of attack that the average user is on the lookout for. They will have instead heard about botnets and ransomware and other big, external threats, and so won’t think to question what seems to be a legitimate-looking message.

Secondly, there is plenty of data readily available on the Internet to help build a convincing social engineering attack. This data is referred to as open-source intelligence.

Open-source intelligence can come from a vast array of data sources, which only assists an aspiring social engineer. Through some digging on the Internet, a social engineer can find plenty of information that better informs their attack.

What the Internet Can Provide
With the right research, a social engineer can compile an unnervingly comprehensive profile of a business, its employees, its operations, and more. Some very brief and incomplete examples are as follows:

Information about the kind of technology a business leverages is surprisingly common online. Job postings, for example, often identify the hardware and operating system a company uses to ensure that an applicant has a familiarity with the systems they would be working with. The trouble is, this also helps a criminal by identifying which exploits will be effective against a company. Furthermore, if a company isn’t careful, their social media images could provide a cybercriminal with information about their networking hardware.

Employee Information
It is also common for people to overshare on social media, which can easily lead to company information being shared as well. This includes, in addition to the access of information many allow to be publicly available via social media, images from within the workplace. Such images often reveal the kind of computer used by employees, as well as the contents of their screens and any information displayed on them.

Additionally, many people will discuss their work schedule on social media, as well as provide a detailed account of their professional experience, giving a social engineer more data to work with.

Vendors and Other Companies
External services that provide for a company can help a social engineer gain access to that company, especially if the service provider uses them as evidence of value on their website. Janitorial services and trash pickup services are especially valuable, as data could potentially be stolen after it leaves a business’ premises.

In short, while protecting your data with firewalls, authentication requirements, and other digital measures is crucial, it is just as crucial to also ensure that your employees are aware of the dangers that social engineering can bring. Establishing processes to help thwart social engineering attempts is something that every company should do, as it will help to protect them from these attacks.

For help in planning these processes, reach out to Network Solutions Unlimited at 217-428-6449.

Can You Trust Your Mobile Apps?
Tip of the Week: Awareness is Key to Mobile Device...


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Sunday, June 24 2018

Captcha Image

Mobile? Grab this Article!


Tag Cloud

VPN Microsoft Cloud Colocation Managing Stress Managed IT Service iOS BYOD Charger Internet of Things Experience Adobe Productivity Bandwidth Computing Managed IT Services Fraud Financial Managed IT Services Computers hacker PDF Remote Monitoring Computer Business Intelligence Analysis Comparison Cybercrime Cortana Google Data Breach Business Computing Hiring/Firing intranet Rootkit Security Employer Employee Relationship Scam Business Management Best Practice Cast Hackers Automation Project Management Hosted Solutions Laptop Users Microsoft Office Blockchain Budget Identities VoIP Battery Private Cloud Money Computer Forensics Virtualization Gamification Remote Computing Data Theft NFL Windows 10 Android Word Spam Data Loss Ransomware Avoiding Downtime Students Two Factor Authentication Server Edge Quick Tips Websites Ciminal Virus Big Data Windows Ink Google Maps Business Conferencing Updates Electronic Medical Records Tech Support Public Cloud Device Security Google Assistant Gifts Workers Meetings Saving Money Business Continuity Outlook Entertainment Chromecast Hardware Connectivity Public Computer Gadgets Cybersecurity Retail Social Media Hybrid Cloud Browser Sports Alert Shortcut Data Privacy Marketing Webinar Streaming Media OneNote Computer Accessories Loyalty Commerce Hosted Solution Twitter Education Recovery Monitor Regulation Google Drive Mobile Device Management Wireless Charging Mobile Device How to Monitors Worker Smartphone The Internet of Things Memory Gmail Workplace Tips Wi-Fi Company Culture IT Services Apps Thank You User Tips Bluetooth Physical Security Robot Emergency Data Storage Bring Your Own Device Government Work/Life Balance HIPAA Windows Save Money Risk Management Update IT Support Value Antivirus Safety Cache Mobile Devices IoT Operating System Internet Benefits Vulnerability Legal Innovation Employer-Employee Relationship Save Time Books Internet exploMicrosoft Sync Data Recovery Sales Computer Fan File Sharing Outsourced IT Legislation Cost Management Networking Communication MSP History iPhone Wireless Email Encryption Unified Threat Management Wireless Technology Administration Chromebook Spam Blocking Network Security Samsung PowerPoint Computing Infrastructure Phishing Flexibility Facebook Internet Exlporer IT Management Proactive Audiobook Compliance Television Cleaning Evernote End of Support Managed IT Data Backup Passwords Microsoft Word Office Tips Wireless Internet Redundancy Data Management Shadow IT Virtual Reality Microsoft Excel Proactive IT Data storage IT Support Instant Messaging Law Enforcement Upgrade BDR Network Patch Management Excel Firewall Managed Service Provider Health Touchpad IT budget Root Cause Analysis App Humor Credit Cards Licensing User Error Devices Office HaaS Relocation Worker Commute Hacking Troubleshooting Apple Business Owner Identity Theft Data Security Document Management Scalability Hard Drives Storage Software Content Lifestyle Communications Files Software as a Service Printing Assessment Reputation Password Unsupported Software App store Two-factor Authentication Collaboration Monitoring How To SaaS FAQ Chrome IT solutions Touchscreen Data Search Social Engineering Tech Term Windows 10s Applications Holiday Upgrades Financial Technology Data Protection eWaste Mobile Security IT Solutions WiFi Specifications Audit WIndows Server 2008 Vendor Management Content Filtering Hard Disk Drive Backup Miscellaneous Travel Unified Communications Techology Cloud Computing Congratulations Privacy Efficiency Small Business Application Smartphones Automobile Phone System Going Green Video Games Content Filter CrashOverride Emails Computer Care Downtime WannaCry Personal Information Google Docs Mobility Maintenance Advertising Technology Consultant Artificial Intelligence Keyboard Augmented Reality Windows 10 USB Tablets Professional Services Settings Black Market Information Technology Malware Screen Mirroring Identity Telephone Systems Mobile Hard Drive Training Office 365 Spyware Dark Web Productivity Smart Tech Nanotechnology HBO Best Practices Router Language Tip of the Week Smart Technology Disaster Recovery Politics Transportation Solid State Drive Management Customer