Contact us today!
217-428-6449

Network Solutions Unlimited Blog

Could You Spot a Social Engineering Attack?

Could You Spot a Social Engineering Attack?

As invaluable as the security solutions that protect a network are, they can be effectively rendered useless if a cybercriminal is skilled in social engineering. Social engineering is the practice of using manipulation to access protected resources, as we will review later. If your business and its team are vulnerable to a social engineering attempt, you are missing a critical piece of your data security strategy.

What Makes Social Engineering Effective?
Social engineering is the equivalent of pointing to an imaginary spot on someone’s shirt, only to flick their nose when they look down -- by posing as someone trustworthy, a cybercriminal is given the opportunity to do as they will with a business’ data. These attacks have two factors going in their favor.

First, a social engineering attack isn’t the kind of attack that the average user is on the lookout for. They will have instead heard about botnets and ransomware and other big, external threats, and so won’t think to question what seems to be a legitimate-looking message.

Secondly, there is plenty of data readily available on the Internet to help build a convincing social engineering attack. This data is referred to as open-source intelligence.

Open-source intelligence can come from a vast array of data sources, which only assists an aspiring social engineer. Through some digging on the Internet, a social engineer can find plenty of information that better informs their attack.

What the Internet Can Provide
With the right research, a social engineer can compile an unnervingly comprehensive profile of a business, its employees, its operations, and more. Some very brief and incomplete examples are as follows:

Technology
Information about the kind of technology a business leverages is surprisingly common online. Job postings, for example, often identify the hardware and operating system a company uses to ensure that an applicant has a familiarity with the systems they would be working with. The trouble is, this also helps a criminal by identifying which exploits will be effective against a company. Furthermore, if a company isn’t careful, their social media images could provide a cybercriminal with information about their networking hardware.

Employee Information
It is also common for people to overshare on social media, which can easily lead to company information being shared as well. This includes, in addition to the access of information many allow to be publicly available via social media, images from within the workplace. Such images often reveal the kind of computer used by employees, as well as the contents of their screens and any information displayed on them.

Additionally, many people will discuss their work schedule on social media, as well as provide a detailed account of their professional experience, giving a social engineer more data to work with.

Vendors and Other Companies
External services that provide for a company can help a social engineer gain access to that company, especially if the service provider uses them as evidence of value on their website. Janitorial services and trash pickup services are especially valuable, as data could potentially be stolen after it leaves a business’ premises.

In short, while protecting your data with firewalls, authentication requirements, and other digital measures is crucial, it is just as crucial to also ensure that your employees are aware of the dangers that social engineering can bring. Establishing processes to help thwart social engineering attempts is something that every company should do, as it will help to protect them from these attacks.

For help in planning these processes, reach out to Network Solutions Unlimited at 217-428-6449.

Can You Trust Your Mobile Apps?
Tip of the Week: Awareness is Key to Mobile Device...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, December 12 2018

Captcha Image

Mobile? Grab this Article!

QR-Code

Tag Cloud

Worker Commute IT solutions Business Intelligence Scam Hacking MSP Two Factor Authentication Firewall History Touchscreen Security Cleaning Sports Productivity Language Congratulations Data Management NFL Bring Your Own Device Computers Chrome Hiring/Firing Cost Management Alert Productivity Wasting Time Saving Time Vulnerability Admin Data storage Internet exploMicrosoft Keyboard Benefits Bluetooth HaaS Gifts Memory Windows 10 Windows 10s Company Culture Disaster Recovery IT budget Budget HIPAA Monitor File Sharing Internet Cache Office Tips Data Windows Ink Cloud Big Data Meetings Scalability User Error Content Filtering Device Security Printing Applications Files Accessory Settings Professional Services Electronic Medical Records Transportation How To Mobile Device Mobility Computer Software Data Privacy Private Cloud Battery Edge Humor File Storage Small Business Licensing Downtime Smartphones Wireless Internet Money Public Computer Identity Theft IT Solutions Techology Testing Upgrades Saving Money Alexa for Business Hardware Smart Tech Unified Threat Management Quick Tips Business Owner Vendor Automobile Marketing Assessment Flexibility Search Outlook Users Root Cause Analysis Regulation Remote Workers Blockchain Communication Specifications Unified Communications Miscellaneous Innovation Hosted Solutions Unsupported Software The Internet of Things Spam Blocking Outsourced IT VoIP Analysis Mobile Devices Virus Social Engineering Patch Management Solid State Drive Wireless Technology Collaboration Worker Hybrid Cloud PowerPoint Data Protection IT Support Managed IT Service Data Breach FAQ Monitors PDF Politics Personal Information Smart Technology Dark Web Troubleshooting Virtualization Operating System Network BYOD Managing Stress Passwords Browser Customer Google Docs Computing Infrastructure Computer Forensics iPhone Email Storage Workers OneNote Audit Business Computing Workplace Tips Phone System Excel Mobile Security Nanotechnology Chromecast Data Backup Identities Tech Support Financial Technology Adobe Managed Service Provider Spam Employer-Employee Relationship IT Management Managed Service Phishing Remote Computing Google Assistant Update Data Recovery Microsoft Excel Windows Wasting Money Wireless Devices Computer Accessories Windows 7 Spyware Telephone Systems IT Services Computer Care Business Continuity Screen Mirroring Reputation Project Management Communications Tech Term SMB Facebook Apple Virtual Reality Laptop Chromebook Redundancy Experience Twitter Holiday Shortcut Cast Value Ransomware Websites Hosted Solution User Tips Document Management Augmented Reality intranet Gmail Apps SaaS App Networking Data Storage App store Bandwidth Data Theft Legal Information Health Virtual Assistant Windows 10 Charger Cloud Computing Two-factor Authentication Encryption Safety IoT WannaCry Google Drive Sync Legislation IT Support Connectivity Robot Projects Proactive IT Audiobook Managed IT Services Software as a Service Internet Exlporer Microsoft Office Artificial Intelligence Emergency Comparison Black Market Efficiency Peripheral Emails Business Technology Privacy Avoiding Downtime Public Cloud Managed IT Cortana Server Management WIndows Server 2008 Network Security Tip of the Week Smartphone How to Human Resources Upgrade Cybercrime Identity Shadow IT Hackers Remote Monitoring Rootkit Gamification Lifestyle Loyalty Hard Drives Keyboard Shortcuts Credit Cards Managed IT Services Microsoft Word Students Evernote Fraud WiFi Antivirus iOS Amazon Recovery Business Consultant Password Application Google Payroll eWaste Hard Disk Drive Advertising Training Government IT Service Thank You Router Physical Security Best Practice Social Media Touchpad Travel Work/Life Balance Compliance Ciminal Data Loss Data Security Computing Colocation Law Enforcement Gadgets WPA3 Technology Google Maps Retail Samsung Access Control Content Filter Telephone Wireless Charging Vendor Management Maintenance Office 365 Relocation Monitoring Instant Messaging CrashOverride Internet of Things Conferencing Content Automation Microsoft Co-Managed Services BDR Display Malware Webinar Television Commerce Education Android Sales Utility Computing Information Technology Video Games Books Administration Risk Management VPN Employer Employee Relationship Word Updates Save Money Wi-Fi Streaming Media Mobile Best Practices Mobile Device Management USB Hard Drive Cybersecurity Entertainment Going Green Camera Hyperlink End of Support Office Backup Printers HBO Business Management Proactive Financial Save Time Tablets Employee-Employer Relationship hacker Computer Fan