Would Your Users Fall For These Social Engineering Schemes?

Would Your Users Fall For These Social Engineering Schemes?

Social engineering is one of the trickiest parts of protecting your organization. It might sound like something out of a science fiction flick, but it’s one of the most dangerous attacks that a hacker can use against your business. Social engineering attempts to manipulate the target into giving away sensitive credentials or personal information for the purpose of stealing identities and other malicious intentions.

Here are some of the most popular social engineering hacks that you’ll have to watch out for in the business world.

  • Vishing: More people are aware of phishing attacks than ever before, so naturally hackers had to pick up the slack somehow. Vishing is the alternative option that they are now trying to use, which features a voicemail asking for personal information.
  • HTTPS: SSL certificates can make sure that users are aware of whether or not a website is secure enough to protect your personal information. However, HTTPS doesn’t necessarily mean that a website is using security. Hackers can lure in victims by providing “free” SSL certificates to organizations, providing them with a false sense of security. You need to find proof that the website using SSL has an extended validation (EV-SSL), which is not offered for free at all. You’ll see a green bar in the URL bar when this type of encryption is available.
  • Website Copycats: Some scammers have even gone so far as to make websites that look exactly like reputable sites that are designed to harvest credentials or infect computers with malware. One example of this is the Equifax data loss incident which occurred in June 2017. Equifax had set up a website to help clients who had their information stolen, which used the URL equifaxsecurity2017.com. However, hackers capitalized on this event and created a spoof website using the domain securityequifax2017.com. The result tricked Equifax themselves. Here are some tips to help you avoid these spoofed websites:
    • Make sure the URL is correct
    • Don’t give information to sites that aren’t using EV-SSL
    • Look for seals of trust from reputable IT security websites
    • Be on the lookout for spelling errors, typos, or broken English
  • Every Word Password Theft: Hacking tools have certainly developed into more sophisticated threats, going so far as to utilize every single word in the dictionary to crack passwords. These password crackers can create hundreds of thousands of credentials in a matter of minutes, all using a dictionary attack against unwary users. Therefore, the best approach to creating strong passwords is to use numbers, letters, and symbols to make a mixture that nobody would expect.

Online threats can be a considerable problem for your organization, especially when they use each and every exploit against you. Thankfully, with some proactive measures that can keep your business safe, you’ll have a much easier time going about your online duties without exposing your data to threats. To learn more about how to protect your business, reach out to us at (617) 375-9100.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, 18 December 2017

Captcha Image

Request a Free Consultation

  • Company name *
  • First Name *
  • Last Name *
  • Title
  • Phone
  • What are your concerns?

      Sign up for our Newsletter!

      • Company *
      • First Name *
      • Last Name *

          Mobile? Grab this Article!

          QR-Code dieser Seite

          Tag Cloud

          security Tip of the Week technology Cloud Privacy Best Practices Hackers Productivity Business Computing business Microsoft Malware IT Services Internet Backup IT Support Hosted Solutions Managed Service Provider Email Network Workplace Tips Mobile Devices Communication Hardware Smartphones Computer Microsoft Office Disaster Recovery Windows Miscellaneous Mobile Device Management Efficiency Windows 10 Data Business Continuity Server network security Holiday Small Business Smartphone Software Alert Upgrade Saving Money Business Management Google Virtualization User Tips WiFi Passwords Remote Computing Operating System Internet of Things VoIP Gmail Social Media BYOD Ransomware Big Data Office Android Browser Apple Mobile Computing The Internet of Things Spam Innovation App Vendor Management Remote Monitoring Risk Management Phishing Artificial Intelligence Facebook Budget Apps Collaboration Wireless Technology Analytics Data Management IT Solutions Money Information Technology Managed IT Services Save Money Going Green Retail Best Practice Hacker Tech Support Bring Your Own Device Gadgets Outsourced IT Cybersecurity Office Tips Customer Service Automation Business Growth Application Presentation Hacking IT Consultant Content Filtering Firewall Saving Time Hosted Solution Lithium-ion Battery Running Cable Office 365 IT service Customer Relationship Management virus Recovery Data storage Hard Drives Document Management Employer-Employee Relationship Cost Management Robot End of Support Proactive IT Current Events Health Avoiding Downtime Computers Outlook Managed IT Mobile Device Settings Social Engineering Hiring/Firing Tablet Virtual Desktop Marketing Administration Cryptocurrency Downtime Business Owner Competition Bitcoin Work/Life Balance Windows 8 Google Docs communications Two-factor Authentication Update Hacks Cybercrime Law Enforcement Search Humor Trending Education Social Analyitcs Network Congestion LiFi Quick Tips Programming Cortana Specifications User Disaster Antivirus iPhone Laptop Twitter project management Phone System Chrome intranet USB VPN Safety PowerPoint Mouse Net Neutrality Samsung Encryption Statistics Save Time Password Website Wireless Maintenance Websites Television Legal Router Co-managed IT Domains Productivity Microsoft Excel Help Desk Bandwidth risk Typing Wi-Fi Crowdsourcing Excel Botnet Cyber-attacks today ’s world bdr Touchscreen Public Speaking Blockchain cyberattack 5G Business Intelligence Government SharePoint experience downtime Google Drive Halloween Heating/Cooling IBM cyberattacks Compliance Debate Distributed Denial of Service Skype Scary Stories Consumers eWaste Travel Memory Data loss businesses Regulations Augmented Reality Private Cloud Evernote Paperless Office LinkedIn Sports Unified Communications Environment IT Management Software as a Service Printing Fun Online Currency Gadget Data Warehousing Best Available Storage Troubleshooting History People Google Calendar Politics Technology Tips Computing Entrepreneur Company Culture Refrigeration Public Cloud Windows Server 2008 Video Surveillance Dark Data Buisness Deep Learning IP Address Windows 8.1 Update Printer Black Market Access Control Telephony Licensing Mobile Technology Google Wallet Knowledge Windows 7 security breach CIO Mobile Office Printer Server Managed Service Providers Training Piracy Mobile Payment Drones Experience Freedom of Information Users Modern technology User Error Display Identities Processors Data Breach File Sharing Patch Management Mobility Documents Undo News business owners Downloads Monitors Solid State Drive Digital Signature Notifications Files Comparison Flexibility Backups Word PDF Computer Repair Fake News Crowdfunding IT Support YouTube data breaches Writing Alt Codes Telephone Systems IT Budget Managed IT Services CCTV Digital Payment G Suite Virtual Reality Corporate Profile Point of Sale Machine Learning Google Maps Unified Threat Management Tip of the week SaaS WannaCry Meetings Relocation Physical Security Software Tips Webcam Data Backup Motion Sickness Chromebook How To GPS Error Personal Information Cloud Computing Cleaning Emoji Upgrades Tracking Electronic Medical Records Cabling Computer Care 3D Printing Identity Theft Automobile Infrastructure Staffing Unsupported Software Administrator Uninterrupted Power Supply Taxes Mobile Data Sync Hard Disk Drive test post Web Server Supercomputer Mobile Device Managment Cameras