HUB TechMinutes

Business technology news, tips and events.

HUB TechMinutes

Better business through better information.
3 minutes reading time (629 words)

Could You Identify a Social Engineering Attack?

social_engineering_hack_400

Social engineering can allow a cybercriminal to access networks without being hampered by the security solutions that a business has in place. Through the manipulation of the human element of a company, its critical resources are exposed. In order to protect your business against the threat of a social engineer, there has to be an overall awareness in your company culture.

Why Social Engineering Works
One of the main reasons that social engineering can be such an effective tactic for cybercriminals is because, rather than telling the target what they want to hear, the target is told what they expect to hear. By coming forward under the guise of someone who should be coming forward, the cybercriminal is able to extract information from unwitting staff members, adding to their intel through intensive online research.

These are the key factors that allow these kinds of attacks to be as successful as they are. The methods used by social engineers aren’t the kind that immediately come to mind when one thinks about cyberattacks. Since the attack doesn’t typically resemble more well-known threats like ransomware, these attacks are often able to infiltrate their target without any suspicion. Additionally, there is an excess of information available online, known as open-source intelligence, that provides the social engineer with the knowledge they need to craft their approach.

This open-source intelligence can come from a variety of places, making the social engineer’s job that much easier. There is plenty of information readily available on the Internet, all it takes is looking in the right place.

Sample Information
While it’s no secret that there is a ton of information online, the true scope of what is available can be alarming when all laid out. The following information can all be found if one knows where to look, and is by no means a comprehensive list of what is there:

Technological Details
Considering how valuable a cybercriminal would find the details of what technology is used in a business, these details are remarkably easy for cybercriminals to find. Companies will often show their hand in online job postings, identifying the hardware and software that they use in order to find someone with the experience. This not only ensures that qualified applicants send in their resumes, it also allows cybercriminals to send in the exploits needed to take the company down. Social media posts can also share this information--the wrong picture could give access to networking hardware and other critical and sensitive data.

Employee Data
On the topic of social media, sensitive company information can easily leak through oversharing. Employee activities that are shared or tweeted can provide a cybercriminal with crucial insights. Images can create an even bigger problem. If not scrutinized before posting, you can inadvertently display key details, from the data on the screens to the model of the computer that holds the data.

Furthermore, employees using social media carelessly can deliver more invaluable data for a cybercriminal to leverage. Discussing work schedules or even sharing specifics of work experience can potentially put your business at risk.

External Companies
Unfortunately, social engineering attacks can leverage data that you have minimal control over against your business as well, as other companies and vendors you do business with may share their experience with you as evidence of their value. Furthermore, if your janitorial services and trash pickup providers aren’t secure, your data could be stolen after it has left your property.

So while it is absolutely critical to leverage cyber protections for your data’s security, including solutions like firewalls and authentication measures, your employees also need to have their eyes peeled for the threat of social engineering. Every business needs to have a plan to avoid and mitigate the threat of social engineering. We can help.

For more information, call us at (204) 772-8822.

Is Your Mobile Device Safe from Malware?
Get the Best of Both Worlds with a Managed Private...

Related Posts

 

Comments

No comments made yet. Be the first to submit a comment
Guest
Saturday, December 14, 2019

Captcha Image

Get Updates On Our New Blog Posts!

Book your free introductory consultation now.

Let's Talk

Happy Clients

Don't Miss Our Next Newsletter!

Subscribe to our free monthly newsletter! It's packed with valuable information, useful tips, and important security alerts.
* indicates required
Your email address is secure with us - we never share our subscriber information.

HUB Tech Minutes

30 December 2019
Using a slow computer can be very frustrating; and, since there is a laundry list of things that can cause your computer to slow down, you may have a difficult time troubleshooting the problems. Slow computers can be filled with viruses or malware, t...
11 December 2019
Mobile devices haven’t been known to have a lot of faults when it comes to security, but when a really bad malware attack does happen, the best solution may be to wipe the device and start over from a factory reset. Currently, there is a malware targ...
10 December 2019
While the major holiday shopping days have passed us by, many people are still looking for that perfect gift often using the Internet to find it. While online shopping is certainly more convenient, it can also be dangerous. To help keep you safe this...