Social Engineering
SOCIAL ENGINEERING
Social engineering is any act that influences a person to take an action that may or may not be in their best interest.
PHISHING
Common Tactics
Emails that appear to be from a reputable source. They urge you to take action or attempt to gain personal information.
VISHING
Attempting to gain access or important information from you over the phone. Spoofed phone numbers may be used.
IMPERSONATION
Using a detailed background story while posing as someone else with the goal of obtaining information, physical access, or computer access.
Spotting A Social Engineering Attack Social engineering attacks often rely on one or more tactics to get you to take action. Watch out for these common signs:
1
They request something of value from you. They might request bank account numbers, personal information, usernames, passwords, access to your computer or mobile devices.
2
They want to keep the matter “secret” or “private.” Because any attempts to verify the authenticity of the request would easily expose the true nature of the attack.
3
They need you to take urgent action. By rushing you along, they hope to keep you off balance, limiting your natural ability to detect when something isn’t quite right.
4
They approach you from a position of authority. We are taught not to question authority and attackers use this to their advantage. They often work the names of authority figures into conversation or pose as one. This could be executives, security guards, or even a popular person at the company.
5
They start slow. Social engineering attacks often start slowly and build momentum over time. Several interactions could occur before you even realize you’re a victim.
18 Lincoln Business Builder
