The technology of crime is evolving, and criminals keep getting smarter every day. When technology proves too difficult to exploit, criminals resort to collecting information, such as passwords and bank information, from their targets via social engineering. If you’re worried about the ability of your employees to avoid scams such as these, read on as I have a few quick tips for you.
As more and more of our information moves into the digital realm, criminals are turning to social engineering to trick people into trusting them with their delicate information. These attacks may come in the form of messages, baiting scenarios, fake company responses, to name a few.
Most often, messages are sent to users in the form of an email that might contain a link or something to download. Although they may look legitimate, these emails often contain viruses; once the link is opened or you attempt to download it, a virus latches onto your computer, giving its creator free access to your email account and personal information.
Emails such as these can also come with a compelling story about needing help, winning the lottery, or even paying taxes to the government. Under the veil of legitimacy, criminals will ask you to trust them with your account details so they can either reward you or help you avoid fines and punishments. What you actually get is a bad case of identity theft.
In another scenario, criminals will bait their targets with “confidential information regarding their account.” This may come in the form of fake company messages that appear to be responses to your claims, which are followed up by a request for login details. What you’re actually doing is giving them all of your keys.
- Always ensure that you delete all spam from your email, and thoroughly research sources before responding to claims from a company — even if it seems like the one you normally use.
- The same applies for links. Confirm the destination of any link before clicking on it. Sites like bit.ly are often used to shorten long and cumbersome links, but because users have grown accustomed to them they are often used to hide malicious misdirections.
- Nevergive out sensitive information that includes your password, bank information, social security, or any other private details. No respectable financial institution will request this type of information through email or a site other than their own.
- Last but not least, continuously check that all your devices are protected by the most recent antivirus software, system updates and patches.
Cyber security is essential to the success of any modern business. Don’t let yourself become victim to criminals who have mastered the art of social engineering.
Bob Milliken is the TheITguy@CascadiaSystemsGroup.com specializing in helping businesses with their IT needs and are experts in business continuity and guaranteeing complete IT redundancy. Connect with him at 604.270.1730..