Social Engineering: Protect Yourself from Digital Deception
- JANUARY 8TH, 2024
Introduction
What is Social Engineering?
Social engineering is a cyberattack technique where attackers manipulate you into revealing sensitive information, such as passwords, credit card numbers, or personal details. Unlike technical hacks, social engineering exploits human psychology, often using deception, trickery, or intimidation. The Hospital IT Help Desk attack is a recent example: threat actors used social engineering tactics to gain unauthorized access to healthcare organization email accounts, which enabled them to divert legitimate payments to their own accounts.
Common Techniques of Social Engineering
- Phishing: Sending fraudulent emails or messages that appear to come from legitimate sources, urging you to click on malicious links or download attachments.
- Pretexting: Creating a believable scenario to gain access to confidential information, such as posing as a tech support agent or a company employee.
- Baiting: Offering enticing rewards, like free software or exclusive content, to lure you into clicking on malicious links or downloading infected files.
- Tailgating: Physically following authorized individuals into restricted areas to gain unauthorized access.
How to Protect Yourself
- Scepticism: Never let your guard down, even when faced with seemingly legitimate requests for personal information. Question everything.
- Resist Clickbait: Think twice before clicking. Hover over links to see where they lead. Avoid suspicious links to stay safe online.
- Strong and Unique Passwords: Construct complex, unique passwords for each of your online accounts; consider using a reliable password manager for this. Regularly replace these passwords with fresh ones.
- Enable Multi-Factor Authentication (MFA): Equip your accounts with the shield of MFA. This additional layer of defence will thwart even the most cunning cyber adversaries.
- Report Suspicious Activity: If you encounter suspicious emails, messages, or phone calls, report them to your IT department or security team.