
TitanHQ Blog

Social Engineering Scams and How to Avoid Them!

Posted by Geraldine Hunt on Tue, Sep 8th, 2015

What is Social Engineering?

Social engineering is the art of manipulating someone to get something. Social engineering is not always bad. However, in this article we'll focus on social engineering in the context of information security. Most huge data breaches nowadays have a social engineering component.

Types of Social Engineering Attacks

1. Email from a friend/colleague/family member

These attacks abuse the trust between two individuals. One person pretends to be someone they're not.

Stranded abroad variant

It's not uncommon to receive an email that purports to be from someone you know and trust. Sometimes it turns out this email was sent by a person with criminal intentions. The email might inform you that Sue is stuck in Barcelona and had her purse stolen. She's at the embassy and just needs money to get a plane ticket to fly back home. If you receive such an email, try to get in touch with Sue via another communication medium, such as Skype, WhatsApp or phone.

That will allow you to confirm whether the email was really sent by her. This in turn will help ensure you don't divulge confidential information or send money to cyber criminals. If email contact is the only option, report it to your IT/Information Security department. They'll know how to deal with it.

Funny/interesting link variant

We all know this one: “Wow! This is the most amazing display of natural kindness that I have ever seen. Check it out.” You then click on the link and get directed to a video. In the meantime, you've just lost control of your computer. If this is a computer on the work network, this spells trouble. Your computer can now be used as a beachhead to attack the rest of your company's internal network.

2. Phishing attempts

These attacks abuse the trust that we have for official, above-reproach institutions.

DHL/Fedex package delivery failure variant

You might receive an email informing you that DHL was unable to deliver a package at your home, if you could just click on the following link and... What you should do is: STOP! Then ask yourself whether you were expecting any package. If not, forget about it. If it is important enough, the sender will get in touch with you directly, as opposed to via DHL.

Renowned charity/fund-raising organization variant

If it's important to you, ignore all the information in the email, go and google that charity's details, then call them and verify with them.

Urgent problem, needs instant resolving variant

Try to reach out to the company via telephone or by walking into their local office. Once again, if it's important enough, the company will have many ways of reaching out to you.

You've won the lottery variant

If you win the lottery, shouldn't you have played first, or bought a ticket? Contact the lottery via telephone. Ignore the email, otherwise you risk calling a phone number controlled by the scammers.

Your help is needed for some disaster relief variant

Within hours of any natural disaster, scammers start targeting individuals all over the world. They send fake emails looking for help, resources and so on. You can protect yourself from these phishers and scammers. However, there’s only so much you can do if a service you use is compromised.

Here are some basic preventive measures you can take:

  1. When in doubt, ignore it!!!
  2. Take a deep breath and think.
  3. Do some research, use alternate means of communications.
  4. Report and then delete all requests for private, company or financial information.
  5. Report then ignore requests for help. If it's legitimate, you'll hear of it officially.
  6. Do you have to click on that link?
  7. Use different logins and passwords for different services.
  8. Use two-factor authentication.
  9. Use credit cards with care.

These steps won’t prevent your account from being compromised if a service provider falls for a social engineering hack and hands your account over to the attacker, but they may at least minimize the damage possible and also give you more peace of mind that you’re doing as much as you can to protect yourself.
