5 Common Social Engineering Tactics

Submitted by Kevin Kendall on Fri, 04/ 07/ 17 - 12: 57 PM

5 Common Social Engineering Tactics

Social engineering is yet another tactic criminals and hackers could use to steal data from an unsuspecting company, and we work with companies frequently who have been affected by social engineering.

This tactic, however, is different than other methods, mainly because it preys on human emotion and interaction. Here are a few ways social engineering could play out in your own business. 

Don't know what social engineering is and want to learn more about a hacker's digital strategies? Read our article answering, "What is Social Engineering?" 

Social Engineering through email.

The majority of people are most accustomed to this form of social engineering. They receive an email with a message asking them to send over private information, download an attachment, or click on a link. But little do they know, they’re about to send over private information to a group of criminals, download a malicious attachment, or click on a corrupt link.  

Social Engineering through an enticing offer.

Whether it’s online or face-to-face, a person with malicious intentions could offer you something in return for specific information. This information might come in the form of login credentials, credit card numbers, or client records. When it comes to what this person might offer in return for this information it could be anything, really… even something as simple as a pen.

Social Engineering as an impostor.

In most cases, a person using social engineering tactics will pretend to be someone they aren’t. Over the internet (through email, for example), the criminal could pose as your boss or a friend. And in person, they could pose as a maintenance worker or as an inspector. The possible situations here are endless.    

Social Engineering via making a scene.

You’ve probably seen something like this in the movies, but it doesn’t mean this type of situation can’t (and doesn’t currently) happen in real life. If a criminal wants access to something in a building, all they really have to do is go up to someone who doesn’t know any better and cause a scene.

If the employee feels uncomfortable enough, they’ll probably give into whatever requests the criminal is making… especially if that criminal is pretending to be someone they aren’t, like a coworker from a partner company or paying client. 

Social Engineering the old fashion way.

Again, many of these situations may seem as if they come straight out of a movie, and in many instances, they can be exactly like that.

Imagine this: Someone wants access to a locked building, room, or parking lot? It’s simple, really. All they have to do is follow someone inside or ask for help.

If you work inside a large enough building, everyone won’t always be familiar with new hires right away (heck, they may not even know people who have worked there for months). Because of this, an unsuspecting employee might hold a locked door open for the wrong person or allow a criminal to follow them in through a gated entrance. 

Want to Learn More About Computer Threats?

How Does Ransomware Work?
Network Security Threats of 2018
Why Your Employees Are A Major Internal Security Threat
The True Cost of Downtime

Get Your Questions Answered Now

 

Posted by Kevin Kendall


LinkedIn

social engineering tactics