Avoid Social Engineering and Phishing Attacks

By | 2015-03-03

You may be asking yourself what is Social Engineering and Phishing. In the past, hacking primarily consisted of your computer system being compromised in a way that the hackers could obtain sensitive information. Better security has forced hackers to take a new approach and that is where we get social engineering. Hackers now are looking for the easiest ways to hack people, and not just people’s computers. Social media has had one of the biggest impacts in social engineering because of how easily people share information via web sites like Facebook, Twitter, dating websites and even more personal accounts such as your healthcare provider and bank accounts. We will go through what measures you should be taking to protect yourself these days.

Hackers now look to impersonate someone who you would be willing to give your confidential information to. That information could be your email, passwords, security questions to an online account you created, home address, etc. A lot of these items can be obtained from just the trash you throw out. Now, you might be telling yourself, “I would never give anyone that information!”, but beware of how the hackers do this. Phone calls impersonating your bank or phone provider [and even a family member] are just some of the tricks that are working and being used by hackers. These hackers can obtain enough information about you to sound very credible over the phone. One of the best things you can do is be very skeptical of any phone call in which you are being asked to provide information. If the issue is anything that you could take care of in-person, do it in-person. You will be decreasing your risk of being hacked.

Phishing is another approach that hackers have found works very well for them. What hackers are doing is taking advantage of the relaxed procedures companies are claiming to take to ensure your information is as secure as possible. Another example is when hackers create a replica of your bank website. You could receive a fake request via email, which will have all the markings of a legitimate company or bank, to obtain your credit card information or to confirm something in your account. Once you follow the link to the site, all information you entered will be gathered by the hacker. What can you do to prevent this? First thing, check the address of the incoming email, usually they will be very close with the addition of a symbol or character which is easy to overlook. Hackers can even pose as your Facebook friends to peer into your posts and other information. So it pays for you to be as vigilant and skeptical as possible unless you can guarantee you are making transactions in a secure environment when online. Keeping your online profiles private may not be enough. So, sharing as little information as possible is your best bet.

In summary, do your best to protect yourself because companies you share information with may not be taking all the necessary steps to protect you. Shred documents at home and work to ensure they are properly disposed of. Set unique passwords for all accounts and not the same one for every place you may visit on a daily basis. Be skeptical when giving any information over the phone; Financial providers will never ask for confidential information over the phone. It could pay to do your homework and find out what security measures/training companies are using to share your information. Be vigilant of your day-to-day processes and it should not be hard to avoid today’s hackers.