Beware Of Social Engineering Attacks

In Security Jargon, Social Engineering is the act of using Non-Technical aspects for obtaining confidential information.  The attacker don’t need to have contact with the victim in person. These kind of attacks are called as social engineering attacks. Here the intended victim is tricked to do something needed by the attacker. A common example is phishing. It is a kind of social engineering attack. If you are still confused with this term, I can explain this with another example. Consider this, X wants to break into a computer network using  social engineering trick. He will try to gain the attention of Y who has access to authorize the network in order to get the required information for breaking the network’s security. This is known as social engineering attack.

MUST READ : Beware Of Phishers – A Brief Review

How to avoid being a victim of Social Engineering Attacks?

social-engineering

  • Never provide your personal information or information about your company/organization unless you are certain of the person’s identity and authority to have that information.
  • Never reveal personal and financial information in email and do not respond to email solicitations for this information. This includes the links sent in email.
  • If you are not sure whether an email you got is legitimate or not, then try to verify it by contacting the company/organization directly indeed. Do not use the contact information provided in that email instead use the one from your previous emails.
  • Always check the URL of a web site. Phishing web sites may look identical and genuine to a legitimate site, but the URL may slightly differ like misplaced words and letter. Also check the domain name extensions (Like .com or .org).
  • Never send sensitive and worthy information over the Internet before checking the security of a website.
  • Always be aware of unsolicited phone calls, visits and emails from individuals asking about your employees or other such information. Better try to verify his or her identity directly with the company.

If you are victim of this…..

  • If you revealed sensitive information about yourself and your organization, report it to the concerned people within the organization.
  • If  your financial accounts may be compromised then contact your financial institution immediately and close the accounts that may have been compromised.

Don’t give any sensitive information to anyone unless you are sure about the person’s identity and that they should have access to the information. Choose not to be a victim.

10 thoughts on “Beware Of Social Engineering Attacks”

  1. Thanks for sharing very useful information. These social engineering attacks become more and more widespread. It’s a great problem nowadays. We meet them at every step while using the Internet. Everyone should be very cautious.

    Reply
  2. You wrote "Never provide your personal information or information about your company/organization unless you are certain of the person’s identity and authority to have that information." but many other bloggers say that you should do branding of your site and even yourself. How can we do that if we don't share our company infor (general)?

    Reply
    • Buddy I mentioned that you should not provide your personal information to a guy, who asks you for it, unless you are sure about his identity or he has the authority to have it. It is applicable for blogs also. Never give/display your personal information which you use for security purposes in your blog/ to anyone ! 😉

      Reply
  3. Hi and thanks for the info. I try my best to visit sites that I trust, but you do come along a few that are to good to be true.

    Phishing emails have increased lately in my email box with me winning millions from overseas and asking for bank info. If I had won, why ask me for my bank details, just deposit the money.

    I guess people learn to be skeptical about emails now days and the hackers are always trying new things.

    I get numerous emails from my bank and other institutions about emails going around with their brand and all.

    Reply
    • I got a letter from Bill Gates 3 years back. I actually replied to it. 😀

      I’m not aware of these stuffs back those days. Now very concern about it. But sometimes these mails tend to be true, that is what worrying me a lot.

      Reply

Leave a Comment