We may earn money or products from the companies mentioned in this post.
Social Engineering Attacks
and How You Can Protect Yourself.
Identity theft, also known as a social engineering attack, is a major concern for all people in first world countries now days. You always hear of someone who had a fraudulent credit card charge or bills they did not sign up for. Even close to home it happens with friends and family. Identity theft is all too common. That is because in the defense of your information you are the weakest link. The bad guys know this all too well and work to exploit it.
There is a reason they target the elderly more often than other demographics. Someone trying to steal your information wants an easy target. If they wanted to work hard they would not have resorted to crime but rather got a job and hit the grind like the rest of us hard working folks. We are going to dig into how these people operate, think, and how to protect yourself with some basic awareness tips to watch out for in an increasingly digital age.
Thinking Like an Identity Thief or Hacker
Lets imagine for a minute that you were a hacker. An identity thief who wanted to get information in order to steal money or credit. The first thing you may be thinking is how do I guess a password. While that is an option, an identity thief likes to be sneaky and think of avenues around the direct approach. Even the smallest piece of information can get them started in the right direction.
Imagine you get a call from someone, for example one of those extended warranty spam calls, and they ask you simple questions about yourself. You may think it is harmless unless you share something important like your social security number, so you tell them your name and confirm your birthday and some other pieces of meta data about yourself. Then you realize that this is a spam call or finally tell them to take you off the list, however the damage has already been done.
That same caller, who actually has malicious intent, also finds out you go to a certain bank or have a certain credit card by simply calling around the major banks to find out where they ask for confirmation information. Lucky for them they have the info you gave them earlier from the call like your address and birthday that they can now use to answer security questions and ask for access to your account or log on to the website and reset your password. Behold, they are now have access to your accounts. Now they can send themselves money to an anonymous account all without even knowing your actual password information.
How Bad is It?
Social engineering has been very common and will continue to do so. In any system, the human factor is always vulnerable. Hackers are getting more clever with their disguises and backdoors. In fact, even businesses struggle with these kinds of attacks. Over 90 percent of data breaches have an element of social engineering to them. The employees are even a weakness for big business.
Phishing emails, which are a type of social engineering attack where the attacker pretends to be another entity, require you to input valuable information into some field that looks legitimate but actually sends it to the wrong person. They are a particularly often occurring problem for large and small businesses and need to addressed constantly. In the year 2020 it led to 1.8 billion dollars in losses for businesses. Incident occurrences are only increasing. Social engineering attacks are the leading avenue of cyber attacks. Even at home, there is an identity theft case every 14 seconds according to statistics. It will not be getting better any in the foreseeable future.
What can You Do to Protect Yourself?
How can you keep yourself safe from risk of identity theft? Well, the answer to that is awareness. As much as we hear about services that protect you against identity theft, they really do not protect you as much as you can yourself. Firstly, know what information of yours is publicly accessible. Social media accounts can share plenty of information for a hacker to abuse so make sure they are placed on private mode. Make sure you also keep aware of what you post on there.
Next advice, and this is a big one, if someone contacts YOU for information and not the other way around, be very careful. Most times companies will not reach out to you for information and it is 99 percent of the time a scam or malicious attempt be it email or phone calls. If you do get an email requesting something, go through their website and do not use any links on the email itself. If anything seems suspicious or if you think you have submitted information a place you shouldn’t, reset passwords. A good lengthy 12 character plus password is the best defense when they can not get around it. Again, awareness is key.
Whether you are an employee working on a computer at your company or someone at home, security awareness is a crucial skill. As we mentioned before, identity theft will be an ever increasing presence and shouldn’t be taken lightly. It can ruin your reputation or finances. Always keep in mind your digital trail and be aware of who can see your personal information. Stay safe and happy browsing out there.
You Might Like – https://www.thefullbyte.com/2022/06/08/a-modern-day-social-dilemma/