Social engineering is yet another tactic criminals and hackers could use to steal data from an unsuspecting company, and we work with companies frequently who have been affected by social engineering.
This tactic, however, is different than other methods, mainly because it preys on human emotion and interaction. Here are a few ways social engineering could play out in your own business.
Don't know what social engineering is and want to learn more about a hacker's digital strategies? Read our article answering, "What is Social Engineering?"
Social Engineering through email.
The majority of people are most accustomed to this form of social engineering. They receive an email with a message asking them to send over private information, download an attachment, or click on a link. But little do they know, they’re about to send over private information to a group of criminals, download a malicious attachment, or click on a corrupt link.
Social Engineering through an enticing offer.
Whether it’s online or face-to-face, a person with malicious intentions could offer you something in return for specific information. This information might come in the form of login credentials, credit card numbers, or client records. When it comes to what this person might offer in return for this information it could be anything, really… even something as simple as a pen.
Social Engineering as an impostor.
In most cases, a person using social engineering tactics will pretend to be someone they aren’t. Over the internet (through email, for example), the criminal could pose as your boss or a friend. And in person, they could pose as a maintenance worker or as an inspector. The possible situations here are endless.
Social Engineering via making a scene.
You’ve probably seen something like this in the movies, but it doesn’t mean this type of situation can’t (and doesn’t currently) happen in real life. If a criminal wants access to something in a building, all they really have to do is go up to someone who doesn’t know any better and cause a scene.
If the employee feels uncomfortable enough, they’ll probably give into whatever requests the criminal is making… especially if that criminal is pretending to be someone they aren’t, like a coworker from a partner company or paying client.
Social Engineering the old fashion way.
Again, many of these situations may seem as if they come straight out of a movie, and in many instances, they can be exactly like that.
Imagine this: Someone wants access to a locked building, room, or parking lot? It’s simple, really. All they have to do is follow someone inside or ask for help.
If you work inside a large enough building, everyone won’t always be familiar with new hires right away (heck, they may not even know people who have worked there for months). Because of this, an unsuspecting employee might hold a locked door open for the wrong person or allow a criminal to follow them in through a gated entrance.
Want to Learn More About Computer Threats?
Posted by Kevin Kendall
Kevin Kendall is the VP of Services for Standard Office Systems and has built a career of assisting businesses with their office technology needs. He has decades of experience with products and services like copiers, business phone systems, and managed IT services. Mr. Kendall is driven to see others succeed and help them develop to achieve results beyond ordinary expectations.