Malware is just one way hackers and scammers can get you. Another common tactic is social engineering—a collection of methods that exploit vulnerabilities in human behavior to steal sensitive info, takeover accounts, or otherwise infiltrate your life. Businesses and individuals alike can suffer big losses from successful campaigns.
OUr TOP Pick for antivirus software
But while antivirus software can block malware, including those that involve social engineering (e.g., scareware), it can’t stop all types of social engineering attacks. New variants continue to emerge, with no signs of stopping.
You must keep watch yourself—which is easier if you know the key signs to watch for. At the recent 2024 RSA cybersecurity conference in San Francisco, Microsoft broke down social engineering attacks into three distinctive pieces. Once you become familiar with them, they’re easy to spot.
A sense of urgency
Tech Advisor
In a social engineering attack, you could be contacted about a misdelivered package, fraudulent bank transaction, loved one stranded overseas, secret shopping deal, or any number of situations—all of them designed to leverage a sense of immediacy. Act quickly, or lose out.
That inherent sense of urgency is a key factor in social engineering attacks. We humans don’t think as clearly or thoroughly when rushed, and that’s exactly what bad actors are counting on.
What to do: No matter how serious the situation, take a moment for review. Financial issues? Look up the official phone number for the purported caller, be it your bank or the IRS, and use that instead. Friend stuck in a foreign country with no money? Message them directly over your usual mode of communication and get more details.
An appeal to your feelings
Alex Photo Stock / Shutterstock.com
<div class="lightbox-image-container foundry-lightbox"><div class="extendedBlock-wrapper block-coreImage undefined"><figure class="wp-block-image size-large enlarged-image"><img decoding="async" data-wp-bind--src="selectors.core.image.enlargedImgSrc" data-wp-style--object-fit="selectors.core.image.lightboxObjectFit" src="" alt="Love Scam" class="wp-image-1951006" width="1200" height="600" loading="lazy" /></figure><p class="imageCredit">Alex Photo Stock / Shutterstock.com</p></div>
</div></figure><p class="imageCredit">Alex Photo Stock / Shutterstock.com</p></div>
Urgency is an effective part of social engineering attacks because it preys on emotion. It sparks fear, which often overrides better judgment.
But social engineering can get you through other emotions, with some of them actually positive in vibe. One example given by Sherrod DeGrippo, director of threat intelligence strategy at Microsoft, was the receipt of an email about divorce paperwork for review. For a married person, this phony message could inspire panic and a click on a malware link—but even a single person could end up infected with dangerous software. Why? They clicked out of sheer curiosity.
What to do: Before running with any impulse, first ask yourself what (or who) could be on the other side of the email, message, or call, especially if the message has no relation to you. If it could be legit, initiate contact separately, using known channels. But if not, just ignore the communication.
A play on your habits
Login to add comment
Other posts in this group
Nothing beats the warm nostalgic feeling of watching childhood home m
Sure, cloud storage is pretty awesome, but there are just so many ris
Several years ago, I got to play with the Acer ConceptD 7 SpatialLabs
The bell is tolling for Windows 10, with the much-loved operating sys
Ever completely stop for a moment, struck breathless by beauty? The P