Do you get spam calls on your number like Erica? Do you know if you have ever been a victim of social engineering? Were you ever asked to share your personal information or send money on a phone call like Anthony described in the video?
As Anthony described, social engineers try to manipulate you by making you believe that they are from a legitimate company. Social engineering doesn’t always occur online or over the phone either. Someone may even visit your house or place of work to pretend to be someone else to steal personal information to be used against you. Like Anthony recommended, ask as many questions as possible to verify the person. Social engineers do not like questions. When an unknown person comes to your house or work claiming to be an authorized person, what should you do:
- Let them in and have them do their work
- Ask for their ID as proof of identity
- Get their name and call the company who sent them to verify their details
Social engineers will typically pressure you to move quickly, feigning a sense of urgency prevent your verification. Don’t succumb to the pressure, take your time when you are being pressured to share some information or provide access.
Please read through the list of scenarios below and let us know how you’d react:
- A technician from Microsoft (or Dell) calls and informs you your computer appears to have a virus. They direct you to logmein123.com, a legit remote support tool, and you agree to give them access to your computer. They check updates, system files, and let you know they found the issue. To fix it, they’d charge you a $99 service fee. What do you do?
- You receive a call from the IRS stating you owe on back taxes from a previous year, and they need to collect payment over the phone. When you refuse, they inform you the police are on their way to arrest you for non-payment. What do you do?
- A debt collector calls and tells you your doctor bill is past due. You ask for details; how much, what doctor, from when? To provide these details they need your date of birth and last four digits of your social security number (due to HIPAA). What do you do?
Avoiding Social Engineering and Phishing Attacks
Check out this article to learn more about social engineering along with some helpful tips to avoid being a victim of social engineering: https://www.us-cert.gov/ncas/tips/ST04-014/?&web_view=true
What is social engineering? Tips to help avoid becoming a victim
Social engineering is everywhere, online or right in front of you. Your best defense against these kinds of attacks is to educate yourself so that you’re aware of the risks — and to stay alert. Check out this informative video from the FBI:
https://www.fbi.gov/video-repository/protected-voices-social-engineering-083018.mp4/view
How social engineering tricked Wal-Mart into handing over sensitive information
Check out this article to learn more about Walmart falling victim to social engineering, where it ended up sharing sensitive information: https://nakedsecurity.sophos.com/2012/08/10/social-engineer-walmart/
Tuesday Training… "Malware"
Trojan horses, worms, RATs — There’s a whole animal kingdom of malware out there. Join Anthony and Fiona as they explore the best ways to keep malware from infiltrating your system.