Contact us today!
217-428-6449

Network Solutions Unlimited Blog

Could You Spot a Social Engineering Attack?

Could You Spot a Social Engineering Attack?

As invaluable as the security solutions that protect a network are, they can be effectively rendered useless if a cybercriminal is skilled in social engineering. Social engineering is the practice of using manipulation to access protected resources, as we will review later. If your business and its team are vulnerable to a social engineering attempt, you are missing a critical piece of your data security strategy.

What Makes Social Engineering Effective?
Social engineering is the equivalent of pointing to an imaginary spot on someone’s shirt, only to flick their nose when they look down -- by posing as someone trustworthy, a cybercriminal is given the opportunity to do as they will with a business’ data. These attacks have two factors going in their favor.

First, a social engineering attack isn’t the kind of attack that the average user is on the lookout for. They will have instead heard about botnets and ransomware and other big, external threats, and so won’t think to question what seems to be a legitimate-looking message.

Secondly, there is plenty of data readily available on the Internet to help build a convincing social engineering attack. This data is referred to as open-source intelligence.

Open-source intelligence can come from a vast array of data sources, which only assists an aspiring social engineer. Through some digging on the Internet, a social engineer can find plenty of information that better informs their attack.

What the Internet Can Provide
With the right research, a social engineer can compile an unnervingly comprehensive profile of a business, its employees, its operations, and more. Some very brief and incomplete examples are as follows:

Technology
Information about the kind of technology a business leverages is surprisingly common online. Job postings, for example, often identify the hardware and operating system a company uses to ensure that an applicant has a familiarity with the systems they would be working with. The trouble is, this also helps a criminal by identifying which exploits will be effective against a company. Furthermore, if a company isn’t careful, their social media images could provide a cybercriminal with information about their networking hardware.

Employee Information
It is also common for people to overshare on social media, which can easily lead to company information being shared as well. This includes, in addition to the access of information many allow to be publicly available via social media, images from within the workplace. Such images often reveal the kind of computer used by employees, as well as the contents of their screens and any information displayed on them.

Additionally, many people will discuss their work schedule on social media, as well as provide a detailed account of their professional experience, giving a social engineer more data to work with.

Vendors and Other Companies
External services that provide for a company can help a social engineer gain access to that company, especially if the service provider uses them as evidence of value on their website. Janitorial services and trash pickup services are especially valuable, as data could potentially be stolen after it leaves a business’ premises.

In short, while protecting your data with firewalls, authentication requirements, and other digital measures is crucial, it is just as crucial to also ensure that your employees are aware of the dangers that social engineering can bring. Establishing processes to help thwart social engineering attempts is something that every company should do, as it will help to protect them from these attacks.

For help in planning these processes, reach out to Network Solutions Unlimited at 217-428-6449.

Can You Trust Your Mobile Apps?
Tip of the Week: Awareness is Key to Mobile Device...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, March 19 2019

Captcha Image

Mobile? Grab this Article!

QR-Code

Tag Cloud

Word Medical IT Spyware Commerce Accessory The Internet of Things NFL Financial Technology Proactive IT Screen Mirroring Virtualization Identities Hard Drives WIndows Server 2008 Cloud Computing Quick Tips Projects Value Cybersecurity Testing Public Cloud Router Health Data Theft Data Breach How To Monitoring Instant Messaging Windows 10s Budget Recovery FAQ Gmail Saving Money Unsupported Software Patch Management Comparison Email Sales Spam User Tips Reputation Google Drive Smartphones Password Computer Accessories Business Management Internet Exlporer Payment Cards Virtual Assistant Financial IoT Communication Browser Office 365 Monitors App store Device Security Company Culture Solid State Drive Miscellaneous Business Computing Books Devices Managed IT Services Save Time Monitor IT budget Malware Management Workers WiFi Automobile Apps Ransomware Two-factor Authentication Employee-Employer Relationship Hard Disk Drive Avoiding Downtime Information Peripheral Gifts Bring Your Own Device Two Factor Authentication Business BYOD Shadow IT Human Resources Unified Threat Management IT Support Employer-Employee Relationship Managed IT Service Windows Ink Upgrade Physical Security Machine Learning Paperless Office Cleaning Fraud Outlook Bluetooth Storage SaaS Language Analysis Public Computer Break/Fix Work/Life Balance Thank You Google Touchpad Computers Data Storage Bandwidth Project Management hacker Hackers Virtual Private Network Data Privacy Telephone Systems Backup Edge Application Electronic Medical Records File Sharing Access Control Twitter WannaCry Professional Services Ciminal Connectivity PDF Network Security Customer Wasting Time IT Solutions Users Scam Root Cause Analysis Sports Proactive PowerPoint Encryption Content Holiday Spam Blocking Internet of Things Computing Infrastructure Efficiency Mobile Device Networking iPhone Smart Technology CrashOverride Save Money Managing Stress Windows 7 Apple Transportation Congratulations IT solutions Websites HBO Admin Virtual Reality Files Samsung Telephone Retail Microsoft Office Applications MSP Artificial Intelligence Analytics SMB Data Recovery Computer Fan Law Enforcement Data Protection Emergency Network Employee Training Tech Support Document Management Data Best Practices Automation End of Support Android Remote Computing Techology eWaste Remote Monitoring Legislation Wireless Internet Compliance Education Chromecast Identity Theft Hacking Audit Search Hybrid Cloud Small Business Printing Remote Workers Security Cameras Business Intelligence Innovation OneNote Microsoft Excel Hosted Solution Smartphone Gadgets Computer Care Emails Streaming Media Wireless Technology IT Management Computing Best Practice Government IT Support Managed IT Services Scalability Cloud Social Engineering Memory Benefits Cache Hardware iOS File Storage Cost Management Going Green Utility Computing Tablets Cast Laptop Windows 10 Regulation Sync Antivirus Backup and Disaster Recovery Office Tips Privacy Gamification Data Management Mobile Device Management Tech Term Software Advertising Managed Service Provider Audiobook Television Vulnerability Hyperlink Hard Drive Phone System BDR Administration Big Data Tip of the Week Managed IT Legal Private Cloud Worker Commute User Error Update Keyboard Phishing Dark Web Licensing Disaster Recovery Adobe Relocation Computer Forensics Workplace Tips Data Backup Display Cortana Risk Management Chromebook Passwords Content Filtering Charger Money Vendor Updates E-Commerce Colocation Battery Printers Upgrades Troubleshooting Managed Service Wireless Social Media Robot Augmented Reality Redundancy Meetings Facebook Students Productivity Chrome Operating System Hiring/Firing IT Service Software as a Service Video Games Employer Employee Relationship Travel Blockchain VPN Rootkit App Downtime Google Docs Wi-Fi Consultant intranet Webinar Conferencing HaaS Alexa for Business Data Loss Hosted Solutions WPA3 Computer Specifications Politics Shortcut Keyboard Shortcuts Assessment Flexibility Data storage Mobile Devices Settings Mobile Black Market Microsoft Camera Credit Cards Mobility Outsourced IT Collaboration Internet exploMicrosoft Business Continuity Productivity Vendor Management Excel Identity Saving Time HIPAA Mobile Security Microsoft Word Amazon Business Owner Security History Content Filter Server USB Personal Information Google Assistant Maintenance Wireless Charging Internet Wasting Money Nanotechnology Co-Managed Services Office Experience Payroll Communications Technology Cybercrime Google Maps VoIP Humor Loyalty Marketing Entertainment Firewall Safety Information Technology Smart Tech How to Unified Communications Windows 10 Windows Evernote Worker Data Security Alert Lifestyle Virus IT Services Business Technology Touchscreen