Main menu

Pages

 

What is social engineering and how do you avoid its risks?



What is social engineering ?



When users are asked to think about their security and safety on the Internet, their ideas are shifting towards smartphones, laptops and tablets, and how to keep them away from hackers and malware.

Of course, this thinking must be taken care of, strengthened, and the security instructions related to it followed, but nevertheless, this part represents only half of the story.

The other side of cybersecurity is far more important and is the most effective component of security protection, which is the human factor.

Even if security system developers were able to access a system that was infallible from malware and could not be hacked, and this would not happen, at least for now, but these systems remain dependent on human interaction and the way the user interacts with the system, so everything revolves around the same “human” user.


What is social engineering?

Therefore, many hackers and pirates around the world rely on the human element only and far from the interaction between it and devices, which is known as social engineering.

In short, social engineering can be defined as the manipulation and deception of humans in order to obtain data, information, or money that would otherwise remain private, secure, and inaccessible.

Hence, the fraudulent "social engineer" hacker uses his skills to target human weaknesses in an attempt to circumvent the controls and procedures that would prevent him from obtaining the information he needs.


What kind of information can be lost?

The short answer is "everything". In the information age, any information can have value. The person who targets you also has certain motives, and therefore it is not possible to disregard any information you lose.

Of course, the hackers who rely on social engineering focus mainly on financial services such as online bank accounts or any information that helps them get money.


How do I protect myself?

  • First: The basic advice that avoids many security problems, is “Never share any information or any personal data with anyone.” Although this is easy to do, many users overlook this advice.
  • Second: Always check the people you talk to, whether by phone, e-mail, instant communication services, etc., for example if the caller is from an official company, do not find it embarrassing to ask him for his full information and to call from an official phone number that can be verified.
  • Third: Do not open e-mail attachments from unknown people, so until now this method is widely used to spread malware and obtain personal information, by impersonating large companies and attaching some files in the mail.
  • Fourth: Work to secure your smartphone or laptop. You can rely on spam filtering by relying on special tools. Also, rely on powerful anti-virus programs that include tools to combat phishing messages and pages.

Why does social engineering sometimes succeed despite the user's caution?

The topic simply depends on targeting the psychological side of the human being, as hackers use some basic stimuli for human behavior, such as sowing fear, curiosity, distraction, enthusiasm, and others.

A picture via email can trigger your emotions to donate to a specific charity deceptively, or by creating fear within you by notifying you that one of your accounts has been hacked and that the password should be reset, or curiosity can prompt you to see this funny picture or read interesting news.


 Are you keen enough?

Well, it may be in your mind now that I cannot be deceived by such social methods, but you should know that some high-ranking officials in global companies have been exposed to such types, as there are methods that are used more than the scams that are used in the strongest crime films, so Do not rely solely on your keenness and intelligence, but make sure that you follow correct security practices in all cases.


What about companies?

A recent study by Verizon showed that many fraud and phishing attacks target in-house financial management personnel, given that they are the supervisors of money transfers.

Perhaps it suffices for you to confirm that Google and Facebook have exposed them to a fraud attempt at a value of $ 100 million a few days ago, to learn how these hackers do their work with a high degree of professionalism.

Therefore, companies should work to train employees, especially employees of the financial sector, to take proper security measures, as the human factor is the most important part of any system they follow, no matter how safe this system is.


read also : What Do You Know About Linux System

reactions

Comments