Social Engineering: The Science of Tricking People


Posted on June 30th, by Cathy Olsen in Internet Safety, Technology Explained. 2 comments

 

scam

What is Social Engineering?

Social Engineering is an Information Security Term referring to the act of manipulating or tricking people to share confidential information.

A bad guy is trying to trick you into spilling the beans!

 

Have you seen a spy movie? Typically the Social Engineering attack is the scene where the main character tells lies in order to get past the guard at a corporate office or data center. They usually find out as much as they can about the company to sound legitimate.

In this day in age, it is difficult to “Trust” people. Attacks come from every angle and it is important to be on your guard. Teach your kids about these scams and they can protect themselves. My rule of thumb is to Be wary of a any unsolicited communication!

On a lighter note. I have to share the clip from Ace Ventura. Here the Ace Ventura character is pretending to be a patient of the Mental Hospital in order to gain access to confidential files. I had to share! I don't know about you but it is Hilarious!


What types of social engineering attacks are there?

Social engineering can come in many forms:

E-mail

E-mail is probably the most common social engineering attack. This is known as phishing. The attacker will pretend to be a legitimate company in order to get you to a malicious site or for you to gather information. See my post on How to detect Phishing?

Social Network

Social networks are a prime place for a social engineering attack.Random friend requests. These are not very successful. I know most people would not accept to be friends with someone they didn't know. However, what if your friend's Facebook account is hacked? Your 'friend' could start messaging you on Facebook about how they are in the middle of an emergency and only need a small amount of money to rescue them. Use your gut feeling to know if you should respond to friend communications or request. If you have their phone number Is it normal? See my post on Social Media Scams

Text Message

Ever get a random text with a link? Don't open it! Don't click on the link. These unsolicited text messages are a form of social engineering. The attacker wants you to click on the link which is a website laden in malware. You may have signed up for text message notification service. Keep track of your notification. Do not open or click on unsolicited text messages! The Text is most likely SPAM.

Phone Call

Have you ever received a phone call stating that their is a problem with your computer and it is causing a lot of “problems” on the network? This is a common scam and usually routes through a local phone number. I helped my mother-in-law with this very scam. Whether at work or at home, IT Support will not call you randomly. See my post: Don’t Accept ‘Free’ IT Support from Random Callers

Baiting

Have you ever found a USB key? What is the first thing you do to find the owner? You probably put it in your computer to see if you can find a name in one of the files. Someone leaving it after a party or student gathering is one thing. You should never use a USB key that was found in a public location (parking lot, restaurant, etc.) These USB key devices could be loaded with lots of malware that could unknowingly take over your system.

How do I protect myself from Social Engineering?

The best way to protect yourself is to develop a healthy habit of skepticism. Not everyone is out to get you, but before you can establish a relationship of trust with someone or a business, keep your personal information safe. (See my post on protecting personal information.) It is o.k. to be generous and to be a helpful stranger, just don't give away information that could leave you a victim of a social engineering attack.

 

 

 





2 Responses to “Social Engineering: The Science of Tricking People”

  1. Deborah says:

    I had a call once about my computer having a virus. When I didn’t cooperate with the caller, he made very graphic, sexual comments. :-(

  2. Cathy Olsen says:

    Thanks for sharing! When I spoke with the caller for my mother-in-law the caller was really rude and angry. I feel bad for those who didn’t know better. Typically they get people to ‘buy’ software which installs malware on their computer.

Leave a Reply



Recent Posts

The Securemama blog is updated regularly to teach and help people with technology and Internet. Keep it Fun!  Keep it Safe!

Protect Your Family from Pornography

 

I have been working on this blog for four years now.  I think I have helped a lot of people.  I am glad to...

New Years Internet Safety Resolutions
The holidays are almost over and now we are starting to think about how to improve our lives. Here is some food for...
Black Friday Tips – Holiday Technolo-JAY
Holiday Technolo-JAY:  Black Friday and Beyond

 

Guest post by Laughing and Losing It, an awesome blogger who creates humorous spins on shopping, kids, cleaning, motherhood,...

Shop Online Safely

If you want to avoid getting trampled on “Black Friday” or even “Black Thursday Night,” shopping online can be a very efficient and effective...

Control the Internet in Your Home

Many of us may feel like a 'victim' of the Internet.  Our kids are on it ALL DAY LONG!  What can you do as...

Cell Phone Safety

Image credit: inhabitots.com

Cell Phone Safety

Guest Post by Amanda Martin:

Amanda Martin, writes about variety of mobile related topics, the favorite are apps for parental...