Social Engineering
Businesses may have all the right IT security measures in place - anti-virus, backup systems, firewalls etc. But there is still one major loophole in the system - the Human Factor.
Social Engineering is the term used to describe the processes that would-be criminals might use to exploit this human “loophole”. One of these methods is by gaining the trust of a selected employee of a company, either by telephone conversations, emails or direct contact. They use information gleaned from various sources e.g. websites, to make themselves appear to be legitimate and knowledgeable about that particular person or business. They then prey on peoples natural “trusting instinct”.
Once this “trust” is established, they will then try to obtain sensitive information such as passwords, credit card information etc. from the person. They might also ask the employee to log into a particular computer, thereby also allowing the criminal access to the system from which they can harvest sensitive information.
In order to avoid these type of scams, education is the key. All staff must be made aware of such tactics and it should be forbidden to give out any sensitive information to unknown sources however genuine they may seem.
Phishing
Phishing is the practice of sending out fraudulent emails, purporting to be from legitimate companies, in order to induce individuals to reveal personal information such as passwords or bank account details.
These emails may appear to be genuine, even using company logos and forms. To avoid falling into the trap, be aware that no reputable company, bank or financial institution will EVER ask for sensitive information via a link in an email.
Delete these emails from your Inbox as well as your Deleted Items folder.
Always be email suspicious as “prevention is better than a cure”.
Should you have questions or require help, please don't hesitate to Contact Us!