What Is Social Engineering and How Do You Stop It?

Awareness of social engineering has grown in recent years, leaving many people wondering how to stop it. According to Purplesec’s 2021 Cyber Security report, 98% of cyber attacks rely on social engineering, and 71% of attacks involve malware, most of it delivered by email. It is a standard method of attack that has affected most industries and has continued to grow.

What is social engineering?

Social engineering is a type of attack that exploits human behavior to obtain sensitive information or access. Rather than taking it by force or through a software flaw, the attacker’s goal is to get people to hand it over willingly. By first establishing trust, the attacker sets the target up so that the eventual request seems reasonable.

How is social engineering done?

Social engineering is usually a multi-step process. The attacker starts by profiling the target and choosing a method of attack. The next step is making contact and establishing themselves as trustworthy. Once they have what they came for, they take it and cut off communication.

Why is it dangerous?

Social engineering is dangerous because, unlike attacks on software or infrastructure, it targets people directly. The human factor is an ever-present weakness in cybersecurity: a person can hand over information outright or let the attacker bypass technical protections, and there is no patch for that.

What are some types of social engineering?

There are many types of social engineering to watch for.

    • Pretexting: Creating a believable scenario that establishes authority, need, and trust. Pretexting can be as direct as someone claiming they need access to data or hardware for routine maintenance.
    • Phishing: Impersonating a well-known company through chat, email, or online ads. Phishing often links to a fake landing page that imitates the real website, where the target is prompted to download a file carrying malware or to enter their login details.
    • Vishing: Phishing done over the phone. The attacker may spoof the caller ID so the call appears to come from an official support center, then ask for remote access to the target’s computer or for account credentials.
    • Spam emails: Most spam gets filtered, but well-written messages can get through. They often carry other strategies, such as phishing, and usually push the recipient to download malware or provide personal details.
    • Baiting: Leaving something tempting where the target will find it. Baiting can be physical, such as a USB stick bearing a company logo, or digital, such as a free download of a popular movie. The payload may be malware that infects the device and anything it can reach over the network.

How can you spot a social engineering attack?

A social engineering attack is hard to spot because it is designed to look legitimate. Since these attacks trade on trust and authority, they usually claim to come from a credible entity. It is a red flag when the sender asks for information they should already have on file, or when you are prompted to download a file you were not expecting.

Not every social engineering attack has immediate consequences. Backdoors, the second most common type of malware, install without your knowledge and give the attacker persistent remote access; the attacker may wait a long time before using that access.

Can cybersecurity help with social engineering?

Cybersecurity tooling helps with some aspects of social engineering. Multi-factor authentication makes leaked login credentials far less useful to an attacker. Antivirus and anti-malware software reduce the chance that your devices are harmed. But technical controls cannot undo information or access that has already been handed over.

How can you protect yourself from social engineering?

Protecting yourself from social engineering requires extra caution. While social engineering takes many forms, good email habits will prevent many attacks. A study by Social-Engineer suggests that 67% of people will give out their social security number, birth date, or employee count when asked. Don’t give out sensitive data without validating the requester through a channel you already trust, such as a phone number you looked up yourself rather than one supplied in the message.

According to ESET’s report, 74% of phishing emails include a Microsoft Windows executable file. Attackers disguise malware as routine documents such as Word, Excel, or PDF files, so a file’s name and icon are no proof of what it is. If you download a file by accident, don’t open it: delete it immediately, then run an antivirus and anti-malware scan.

Double-check links sent to you before clicking them, especially if the source is unverified. Hover over the link text to see whether the real destination matches the location claimed; the visible text of a link and the address it actually points to can be completely different. When in doubt, type the website address yourself rather than following the link.
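
The hover check can also be done programmatically for every link in a message. The Python script below is an added example written for this article, not code from the original page or from ITonDemand; the HTML email body it parses is constructed, and the hostnames in it (example.com, account-verify.net, 198.51.100.7) are placeholders. It extracts each link’s real destination and compares it with the location the visible text claims, which is exactly what hovering shows you.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit
import re

# Constructed sample email body. Link 1 is honest; link 2 claims to go to
# example.com but really goes to a lookalike domain; link 3 hides the real
# host behind "user@" syntax; link 4 gives the reader no hostname at all.
SAMPLE_EMAIL_HTML = """
<p>Your invoice is ready:
   <a href="https://billing.example.com/inv/42">billing.example.com</a></p>
<p>Please verify your account at
   <a href="http://example.com.account-verify.net/login">https://www.example.com/login</a></p>
<p>Or visit <a href="https://www.example.com@198.51.100.7/login">www.example.com</a></p>
<p><a href="https://example.com.account-verify.net/reset">Click here</a> to reset.</p>
"""


class LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs from <a> tags."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def real_host(url):
    """Host the browser would actually connect to. urlsplit drops the
    'user@' part of the authority, so the third sample link resolves to
    the IP address, not to www.example.com."""
    return (urlsplit(url).hostname or "").lower()


def registrable_domain(host):
    """Collapse a hostname to its last two labels (billing.example.com ->
    example.com). IP literals are returned unchanged. Assumption: no
    multi-label public suffixes such as co.uk appear; a production tool
    would consult the Public Suffix List instead."""
    if re.fullmatch(r"[\d.]+", host):
        return host
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def claimed_host(text):
    """Hostname a reader would infer from the link text, or None if the
    text is a phrase like 'Click here'."""
    if re.match(r"^[a-z][a-z0-9+.-]*://", text, re.I):
        return real_host(text)
    if re.match(r"^[\w.-]+\.[a-z]{2,}(/.*)?$", text, re.I):
        return text.split("/")[0].lower()
    return None


def suspicious_links(html):
    """Return (href, text, reason) for every link a hover check would
    flag: the text and destination disagree, or the text names no host
    so the destination has to be read by hand."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        actual = real_host(href)
        claimed = claimed_host(text)
        if claimed is None:
            findings.append((href, text, "text names no host; destination is " + actual))
        elif registrable_domain(claimed) != registrable_domain(actual):
            findings.append((href, text, f"text says {claimed}, link goes to {actual}"))
    return findings


if __name__ == "__main__":
    for href, text, reason in suspicious_links(SAMPLE_EMAIL_HTML):
        print(f"{reason:<60} [{text!r} -> {href}]")
```

Running it flags links 2, 3 and 4 and leaves the honest first link alone. The comparison is made on the registrable domain, so billing.example.com and www.example.com count as the same site, while example.com.account-verify.net does not; that last trick, putting the trusted name in a subdomain of an attacker-owned domain, is the one most people miss when they hover.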

Closing

Preparing for a social engineering attack is difficult. Some services can help you find weaknesses and areas to improve your security. ITonDemand’s Managed Security provides a variety of cybersecurity solutions and includes simulated phishing training. Combining knowledge with practice is the best protection against social engineering attacks.


How to Stop a Scammer Before It’s Too Late

You want to know as soon as possible when you have a virus on your computer.

If you are unaware of a virus, you could lose all your important files. One virus could wipe out your photos and your digital life. Even thinking about it is terrifying.

Scammers know we’d be lost without our computers, and that we don’t always know what’s going on behind the screen. This is why they’ve been able to con millions from everyday people across the world.

Let’s get you ready to stop a scammer in their tracks: 

The most common scams:

You receive an unexpected phone call from someone claiming to be with Microsoft. Or an alarming pop-up appears on the screen, saying “it looks like your system is infected with a virus.”

They direct you to download remote-support software, using a “special” link they provide.

A “technician” then uses that software to take control of your system. Once they have access, they make it appear that your system is riddled with viruses: flashing screens, mysterious diagnostics, fabricated errors, anything to make you panic. They may even claim your system has been used for illegal content and that you will be criminally charged if you don’t act.

Demands for credit card information follow immediately. Once paid, they stop tampering with your system to make it seem they fixed the issue. They may even recreate the problem later so they can continue the scam, this time offering a subscription for ongoing protection.

What to do if you’re targeted by a scammer

  1. Don’t taunt them. Hang up. You’re a phone number in their system, nothing more. They’ll move on to the next number if you ignore them, but if you give them a reason to target you, you may find yourself in a worse situation. Real Microsoft staff will never call people out of the blue. Ever.
  2. If a pop-up appears, close the browser and run an antivirus scan. Don’t click the pop-up or call the number it shows.

What to do if you’ve already been scammed

Don’t panic. It feels horrible, but you’re not alone and the situation can be corrected.

Call your bank or card issuer and have the charges reversed and your card reissued. It’s easier than you might think. You can stop the payment from going through and help the authorities trace the scammers. Also uninstall the remote-support software the scammer had you install, and change any passwords you typed while they were connected.

Be proactive and never be a victim again

We’re here to make sure your security is always set up. If you’re a business trying to keep your employees safe while remote, give us a call! Let’s make sure scammers are never accessing your computer again.  


Hackers begin targeting VPNs as the world moves remote

A few weeks ago, VPN use was limited compared to today. In the past week, tens of thousands of businesses have moved exclusively to VPNs, creating a unique security exposure and an opportunity for attackers.

In an alert issued March 13, the Cybersecurity and Infrastructure Security Agency (CISA), part of the Department of Homeland Security, encouraged organizations to adopt a heightened state of cybersecurity during this period.

Security Issues of VPNs

As organizations use VPNs for telework, more vulnerabilities are being found and targeted by malicious cyber actors. A virtual private network, or VPN, is an encrypted “tunnel” that carries your data from one point to another. Because the tunnel extends the business network out to the remote endpoint, the security of one end depends on the other: a compromised home computer or home network becomes a path straight into the business network. This exposes networks that need to remain secure.

Maintain Your VPN Updates and Patches

If VPNs are in use around the clock, organizations without managed services or dedicated IT personnel are less likely to keep them current with the latest security updates and patches. Patches close known vulnerabilities; the longer your VPN gateway and clients go without updates, the greater the risk of a breach.

Look Out for Phishing

Malicious cyber actors may increase phishing emails targeting teleworkers to steal their usernames and passwords. With valid login credentials, attackers can deploy the malware of their choosing or steal vital information.

The alert also stated that organizations that do not use multi-factor authentication (MFA) for remote access are more susceptible to phishing attacks, since a stolen password is then enough to log in.

VPN Limitations

Organizations may have a limited number of VPN connections, after which no other employee can telework. With reduced availability, critical business operations may suffer, including IT security personnel’s ability to perform cybersecurity tasks.

Alternative Options

If your staff have a desktop computer in the office but are at home with only a personal computer and an internet connection, we recommend using ScreenConnect.

ScreenConnect provides secure remote access for your staff to work on their office computer, from any computer with an internet connection. Your staff can maintain the same desktop experience as if they were in the office, including line of business applications, filesharing, and most importantly security.

ITonDemand can add this service on a per-user/computer basis for only $5/mo. The service can easily be removed once life returns to normal.


LookBack Malware Targets Utilities Companies

LookBack looks to shut down US utilities

The U.S. utilities sector is seeing higher levels of spearphishing attacks that deliver “LookBack” malware.

According to a security researcher, spear phishing email campaigns carrying the malware have been identified, initially targeting three major U.S. utilities companies. The fraudulent emails impersonate a U.S.-based engineering licensing board and originate from a domain controlled by the threat actor.

The emails contain Microsoft Word attachments that use macros to install and run the LookBack malware. LookBack contains a remote access Trojan (RAT) module and a proxy mechanism used for command and control (C&C) communication. Once the attachment was opened and its macros allowed to run, LookBack was installed.

What to watch for:

Any email that contains attachments should be treated with heightened suspicion. If you employ advanced email security, messages are scanned for malicious content and attachments, but you shouldn’t leave that to chance: a document’s extension and icon say nothing about whether it carries macros or is really an executable.
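
Judging an attachment by its content rather than its file name is the practical form of that vigilance, and it also covers the earlier point that phishing malware is disguised as Word, Excel, or PDF files. The Python below is an added example written for this page, not code from the original articles, from ITonDemand, or from the LookBack research; the attachments it inspects are constructed in memory. It reads the first bytes of each file to tell a Windows executable from a PDF or a ZIP-based Office document, and for Office Open XML documents it looks for the vbaProject.bin part that holds VBA macros.

```python
import io
import zipfile


def classify_attachment(name, data):
    """Return a verdict for an attachment based on its bytes, not its name.

    - 'MZ' at offset 0 is a Windows PE executable whatever the extension.
    - '%PDF' is a PDF.
    - 'PK' is a ZIP container, which is what Office Open XML files
      (.docx/.docm/.xlsx/.xlsm) are; a vbaProject.bin part inside means
      the document carries macros, whatever extension it was given.
    - The D0 CF 11 E0 signature is a legacy binary Office file (.doc/.xls).
    """
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    if data[:2] == b"MZ":
        verdict = "windows-executable"
        if ext not in ("exe", "dll", "scr", "com"):
            verdict += " disguised as ." + ext
        return verdict
    if data[:4] == b"%PDF":
        return "pdf"
    if data[:2] == b"PK":
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                names = set(zf.namelist())
        except zipfile.BadZipFile:
            return "corrupt-zip"
        if any(n.endswith("vbaProject.bin") for n in names):
            return "office-document-with-macros"
        if "[Content_Types].xml" in names:
            return "office-document"
        return "zip-archive"
    if data[:8] == b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1":
        # Macro detection for the legacy format needs a compound-file
        # parser (for example the olefile package), so just flag it.
        return "legacy-office-document (inspect for macros)"
    return "unknown"


def build_ooxml(with_macros):
    """Constructed minimal Office Open XML container for the demo; a real
    document has many more parts, but the macro part name is the same."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<document/>")
        if with_macros:
            zf.writestr("word/vbaProject.bin", b"\x00" * 16)
    return buf.getvalue()


# Constructed samples. "invoice.pdf" is really an executable, and
# "report.doc" is an OOXML file with a VBA project inside, the rename
# trick that makes Word open a macro document under a harmless-looking
# extension.
SAMPLES = {
    "invoice.pdf": b"MZ\x90\x00" + b"\x00" * 60,
    "quote.pdf": b"%PDF-1.7\n",
    "report.doc": build_ooxml(with_macros=True),
    "notes.docx": build_ooxml(with_macros=False),
    "old.xls": b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1" + b"\x00" * 24,
}


def triage(samples=SAMPLES):
    """Map each attachment name to its content-based verdict."""
    return {name: classify_attachment(name, data) for name, data in samples.items()}


if __name__ == "__main__":
    for name, verdict in triage().items():
        print(f"{name:<14} {verdict}")
```

The point of the sample set is the two files whose names lie: the “PDF” that starts with MZ and the “.doc” that is actually a macro-enabled OOXML document. A mail filter or a help-desk triage script that keys off the extension passes both; one that reads the bytes catches both.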

July’s LookBack attacks on U.S. utilities have not been associated with a known actor, and no infrastructure or code overlaps were identified.


Phishing Emails Disguised as Office365 File Deletion Emails

Threat Level: High

A recently discovered phishing scam pretending to be from the “Office 365 Team” is trying to trick users into giving up their login credentials.

The alert notifies the user of an unusual volume of file deletions and urges users to review the activity.

When redirected, users are asked to log in on a page hosted on Azure, which increases the perceived legitimacy of the campaign. Because the page sits on Microsoft’s own cloud, it is even served with a valid TLS certificate issued by Microsoft, so the browser padlock tells you nothing here.

It’s important to remember that Microsoft login forms come from the microsoft.com, live.com, microsoftonline.com, and outlook.com domains only. Check the domain in the address bar, not the logo on the page or the padlock.
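
A quick way to apply that rule is to check the host the browser actually connects to. The Python below is an added example for this article, not code from the original page or from ITonDemand; the URLs it tests are constructed to show the usual lookalike tricks, and secure-docs.net is a placeholder domain. The allowlist is the set of domains named above; treating their subdomains as legitimate is an assumption of this example.

```python
from urllib.parse import urlsplit

# The only domains the article names as legitimate sources of Microsoft
# login forms. Assumption: their subdomains (login.microsoftonline.com,
# login.live.com, ...) are legitimate as well.
MICROSOFT_LOGIN_DOMAINS = ("microsoft.com", "live.com", "microsoftonline.com", "outlook.com")


def login_url_verdict(url):
    """Return 'legitimate' if the host the browser will connect to is one of
    the listed domains or a subdomain of one; otherwise 'suspicious: ' plus
    the reason. Only the hostname is consulted: path, query, page content
    and certificate are all things an attacker controls or can obtain."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    if parts.scheme != "https":
        return "suspicious: not https"
    if not host:
        return "suspicious: no host"
    if "@" in parts.netloc:
        # "https://login.microsoftonline.com@evil/..." connects to evil.
        return "suspicious: userinfo before real host " + host
    if host.startswith("xn--") or ".xn--" in host:
        # Punycode label: a homograph lookalike rendered with non-ASCII letters.
        return "suspicious: punycode host " + host
    for domain in MICROSOFT_LOGIN_DOMAINS:
        if host == domain or host.endswith("." + domain):
            return "legitimate"
    return "suspicious: host " + host + " is not a Microsoft login domain"


# Constructed cases: the expected verdict prefix for each URL.
CASES = {
    "https://login.microsoftonline.com/common/oauth2/authorize": "legitimate",
    "https://login.live.com/": "legitimate",
    # trusted name used as a subdomain of an attacker-owned domain
    "https://login.microsoftonline.com.secure-docs.net/": "suspicious",
    # trusted name placed in the path
    "https://secure-docs.net/login.microsoftonline.com/": "suspicious",
    # trusted name placed before '@'
    "https://login.microsoftonline.com@secure-docs.net/": "suspicious",
    # punycode homograph (constructed label)
    "https://xn--micrsoft-d1a.com/login": "suspicious",
    # real Azure hosting with a real Microsoft certificate, still not a login domain
    "https://storageacct123.blob.core.windows.net/login.html": "suspicious",
    # right domain, wrong scheme
    "http://login.live.com/": "suspicious",
}


def run_cases(cases=CASES):
    """Return the cases whose verdict does not start with the expected prefix."""
    return [(u, login_url_verdict(u)) for u, want in cases.items()
            if not login_url_verdict(u).startswith(want)]


if __name__ == "__main__":
    for url in CASES:
        print(f"{login_url_verdict(url):<55} {url}")
```

The Azure case is the one this campaign relied on: a storage or web-app hostname under windows.net is genuinely Microsoft infrastructure with a genuine Microsoft certificate, yet it is not one of the four login domains, so the check rejects it. Note also that `host.endswith("." + domain)` is the right test; a substring test would accept the subdomain trick in the third case.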

If you think you may have been deceived by a phishing scam, it’s important to contact ITonDemand urgently to begin Incident Response.

For more information on avoiding phishing scams, download our phishing infographic.


Ransomware hit a Michigan Doctor’s Office, The Results were Catastrophic

In recent months, hackers have been targeting doctors’ offices and hospitals, which now receive roughly 34% of all ransomware attacks. In an unprecedented incident, one such attack just cost two doctors their practice.

What happened

Last month, the offices of Brookside ENT in Battle Creek, Michigan, experienced a ransomware attack. The hackers encrypted patient information and demanded a ransom in exchange for the key to decrypt it.

Drs William Scalf and John Bizon decided not to pay the ransom.

The hackers then proceeded to delete all medical records for the patients. The doctors had no record of anything from appointments to surgery results.

Some patients who had just undergone surgery are having difficulty receiving follow-up care because there is simply no record of their surgery.

And because there is no patient schedule, the doctors have to wait at their practice for someone to show up. There isn’t even a way to call and inform patients, as there are no phone numbers on record.

Rather than try to rebuild their practice from scratch, Brookside ENT will permanently shut their doors on April 30th, 2019.

It could have been worse.

Had the hackers been able to view the information, that would not only have been a HIPAA violation on the part of the doctors but would also have compromised the identity security of every affected patient.

What other practices can learn

Protect Your Email

91% of all malware originates in an email. Because every email account is a potential entry point, it’s important to employ a spam filter and to train your employees to identify threats.

“…Education about the risks and preparedness are as important as IT security measures for protecting individuals and assets from cyber attacks,” said Katherine Keefe, Beazley Breach Response Services Head in response to the Brookside Ransomware attack.

Use Endpoint Malware Security

In a ransomware attack, endpoint malware security can block lateral movement, containing the attack to a single device rather than letting it spread and encrypt every device on the network.

Endpoint security can also block the outbound connection some ransomware makes to fetch its encryption keys from the attacker’s server, stopping those strains before they encrypt anything. Just as important is keeping tested, offline backups: an attacker who can delete the live records, as happened here, cannot delete a copy they cannot reach.

Small Business, Big Target

Hackers repeatedly target small businesses because they are viewed as easy targets.

61% of all cyber attacks target small businesses.

This doesn’t have to be the case for your business. ITonDemand offers affordable and scalable IT solutions to partner with you in preventing these types of attacks.
