Can your business stop social engineering attacks?

by Kyle Machado // Webroot writer

So what makes social engineering so effective? Cybercriminals use social engineering tactics and prey on our instinct to help one another. And as it turns out, those instincts are so strong that they can override our sixth sense about cybercrime.

Social engineering attacks like phishing, baiting and scareware have skyrocketed to take the top spot as the #1 cause of cybersecurity breaches.

But our urge to help people isn’t the only thing driving social engineering. Criminals are using new methods that target the vulnerabilities of hybrid workforces. These new tactics circumvent single layers of security and are so successful, cybercriminals are using them to target office workers.

Read on to learn how social engineering works, how to spot social engineering and how to stop social engineering.

How does social engineering work?

Social engineering is a type of cyberattack where criminals use deception to trick their victims into voluntarily giving up confidential information.

Here are some common social engineering tactics:

  1. Using social media to find personal information.
    Criminals are heading to social media sites like LinkedIn to find their next victim and using any personal information they find to craft convincing phishing emails.

  2. Impersonation.
    Cybercriminals are taking advantage of the anonymity that comes with hybrid work arrangements to impersonate people. If you’ve never met anyone in your IT department, it’s hard to know when someone is impersonating them.

  3. Targeting personal devices used for work.
    With the hybrid work boom here to stay, the lines between work and home life are blurring. Employees are now using work devices for personal matters and personal devices to connect to work. The problem? Personal devices often lack robust security.

How to spot social engineering

So how do you spot social engineering scams? Here are some of the tell-take signs you’re being targeted:

  1. Asking for log-in information.
    If you get a message asking you for log-in credentials – even if it’s from a trusted source – you’re probably the target of a social engineering attack. There’s no reason why someone else needs your login info, even if it’s your boss or your IT department.

  2. Urgently asking for money.
    Along the same lines, there’s almost never a reason why someone – even someone you know – would urgently need money.

  3. Asking to verify your information.
    This type of social engineering asks victims to verify their info to win a prize or a windfall. But even if the message comes from a legitimate organization doesn’t mean it isn’t a scam with criminals spoofing an email or impersonating a business.

How to stop social engineering attacks

Now that you’ve learned the newest tactics and how to spot social engineering, all you need is to learn how to stop it.

Forrester recommends layered defenses for preventing social engineering strategies like phishing.* That’s because most social engineering attacks are so good at getting past single layers of cyber protection.

You and your business can stay safe from social engineering scams by combining Endpoint Protection and Email Security. You gain even more protection if you are able to add on Security Awareness training and DNS Protection.

Each layer you add gives you a better chance of stopping social engineering tactics.

Want to learn more about social engineering and how to stop it?

Whether you’re looking to protect your business or customers, connect with our technology consultants to learn more about how Carbonite + Webroot can make your organization more secure. Carbonite + Webroot offers the solutions you need to establish a multi-layer approach to combating these threats.

By adopting a cyber resilience posture, your organization can mitigate risks in the ever-changing cyber threat landscape.


TeleSwitch partners with Carbonite +Webroot, offering leading security, backup, and data recovery solutions that are effective, and simple to adopt, allowing customers to implement innovative technologies that bring the flexibility and reliability that they are looking for in their security strategies.

You can find the original source and some additional information by visiting the Webroot website or using the direct link below.
2022: The threat landscape is paved with faster and more complex attacks with no signs of stopping

Previous
Previous

Why Is It Essential to Provide a Top Digital Customer Experience

Next
Next

How to Build a Profitable Inbound Contact Center