Did you know that Social Engineering causes 90% of data breaches?
Over the last couple of months, we have seen more and more people become a victim to social engineering. “Social engineering is the term used for a broad range of malicious activities accomplished through human interactions. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.”
Social engineering attacks happen in one or more steps. The hacker first investigates the victim to gather background information, such as weak security protocols or potential points of entry. Then, the attacker moves to gain the victim’s trust by revealing sensitive information or granting access to critical resources. Social engineering is dangerous because it relies on human error, rather than vulnerabilities in software or operating systems.
If your boss sent you an email asking you to send them a password would you, without hesitation? But did you double-check the email address? Or verbally confirm with your boss.
There are many ways you can try to limit the risk of social engineering. You can double-check every single email address by clicking on the email address and validating it letter by letter. You can communicate verbally for nonstandard requests or sensitive data requests, or you can test your staff on a regular basis.
The consequences of such attacks can often be dire. While larger businesses may be able to recover from substantial losses, cyber-attacks can be catastrophic for both small businesses and individuals.