As we all know, theft is nothing new. But as our lives become increasingly digitized, the tricks thieves use are continually changing. Unfortunately, that means the tools criminals exploit evolve faster than our understanding of the technologies that make us vulnerable to conmen. Yet despite what Hollywood would have you believe, hackers are rarely as sophisticated as we imagine them.
While many hackers can (and do) bypass weak passwords, take control of websites to steal personal information, and construct viruses to infiltrate the personal information stored on our computers; simple human naivety is far more often the path hackers use to commit their crimes. This common, yet little discussed, form of hacking called ‘social engineering.’
What is Social Engineering?
Social engineering is a digitally oriented con, which exploits people rather than software. Instead of finding weaknesses in the digital infrastructures they wish to access, hackers exploit the human element in the security systems that protect our personal and financial data. Whether impersonating repairmen, IT professionals, bank workers, or the victims of their fraud; social engineers manipulate people to obtain passwords and sensitive information, which they then use to access financial data.
Common Hacks to Watch Out For
One common hack involves social engineers who impersonate customer service representatives from banks or credit card companies. They call you and tell you your account has been compromised and that you need to set a new password. Often, these hackers will try to establish their legitimacy by providing some basic information that they’ve obtained either through accessing your email or sorting through your trash (such as your account number and the last 4 digits of your SSN). You give them the password, and they suddenly have access to your financial accounts.
Another common con is perpetrated by hackers who pose, in person, as company representatives or consultants at your company. Using forged security badges, tailgating their way into your company parking lot or office building, and wielding clipboards; they pretend to be tech support or consultants and ask for access to your computer or to confirm your account information.
Phishing scams are also quite popular today amongst digital criminals. Sending out emails that purport to be from financial institutions, they ask for login information and provide fake links to your account—saying, for example, that you have an important message or alert to read.
Often, social engineers will pose as social media friends to learn information about you, which they can then leverage to manipulate you into giving up your info.
8 Ways to Prevent Social Engineering
- Shred Your Documents! Don’t allow hackers the opportunity to obtain data about you through papers you failed to dispose of properly.
- Never enter passwords or personal info from links provided in emails. Legitimate financial institutions will never ask for them via email.
- If your bank or credit company calls saying your account has been compromised, hang up and call them back with the number listed on the back of your card.
- Always ask for credentials and confirm with your superiors before giving out sensitive information to strangers at work—no matter how authoritative or official they seem.
- Use different logins and passwords for each service. That way, if one account is compromised, they won’t all be.
- Password protect your computer, and don’t allow your internet browser to auto-fill the passwords for your financial websites.
- When shopping online, use credit cards rather than debit cards. If the latter are compromised, your entire bank account is at risk.
- Frequently check your accounts and monitor your personal data. This one is common sense. If something happens to your accounts, the sooner you know, the faster you can respond to minimize the damage.
While it is impossible to protect yourself against every possible threat, simply being aware of the dangers and taking some basic precautions against them will drastically reduce your odds of falling victim to social engineering. Even a small amount of vigilance will make you a harder target than most, so that even if you do encounter a hacker, they are more likely to move on to an easier victim if you can demonstrate suspicion and awareness.
Ultimately, understanding the potential threats and recognizing your own vulnerabilities are the two best ways to keep yourself secure in today’s digital landscape.
License: Creative Commons
License: Creative Commons image source
Author: Jenny is a graduate of engineering and would like to keep your knowledge up to date on all kinds of engineering and ones that can be harmful. Jen invested her time working in telegraph engineering careers in the field of scientific engineering and even worked in a lab; if you want to work in engineering make sure you get involved in the right kind of engineering too!