enterprisesecuritymag

Is Social Engineering Forcing Organizations to Remain Vigilant

By Enterprise Security Magazine | Thursday, October 24, 2019

Social Engineering is getting more sophisticated in the future, and the criminals have started employing advanced technologies to derive the benefits.

Fremont, CA: With the onset of the internet age, there emerge different methods of cyber-attack putting enterprises and consumers in danger. One of the successful forms of cybercrime is social engineering comprising a broad spectrum of security threats, especially those associated with phishing attacks where the criminal steals information from a user.

The base of any social engineering attack is trust wherein the criminal seeks to gain confidence, thereby trying to receive credentials like passwords. Commonly, social engineering attacks are carried out over the phone or online. In such cases, attackers make multiple phone calls about a security issue with their operating system and make the responders reveal their credit card number over the phone.

On the other hand, online social engineering can cause bulk attacks like when the users click on fake links and enter their credentials on a spoofed webpage. As the necessary cybersecurity technology diminishes, scientists are observing new forms of social engineering.

Baiting

Baiting occurs when a user enters the login information and in turn, receives some enticing data where the “bait” comes in any form including music, movie, or a corporate branded flash drive scripted “Executive Salary Summary Q3 2016”.

Phishing

Phishing is an attack delivered in the form of email, web ad, chat or website designed to impersonate a real system and organization. Here the phishing message may come from government, bank, or some major corporation.

Pretexting

Pretexting, known to be the human equivalent of phishing where the hacker breaks the trust between themselves and the end-user by impersonating a figure of authority or a co-worker to gain access to login information.

Piggybacking

Piggybacking, known as tailgating, where an unauthorized person physically follows an authorized person into a restricted corporate area. One method is when a hacker calls out an employee to leave the door open for them as they have failed to take their RFID cards.

Social engineering attacks are dangerous that an organization should focus mainly on their cybersecurity efforts and budget on products like firewalls and other intrusion detection systems. Particular focus on employees’ training is emphasized for organizations to protect themselves.

Check this out: Top Forcepoint Consulting Services Companies

Weekly Brief