Social engineering is a practice that has become very prevalent in recent years, and it takes diligence to know what attackers are up to and how to avoid them. In social engineering, perpetrators are relying on human error. They use psychological manipulation to gain your trust in hopes of accessing your sensitive information. These people go to great lengths to research their victims, gathering background information and looking for any weak points they can exploit.

As you can imagine, gathering background information on individuals isn’t too difficult. By studying and cross-referencing information posted on a variety of social media platforms, an accurate picture of someone’s life can be put together very quickly.

What does social engineering look like?

Attackers will contact their targets through spam emails and calls, typically with something enticing or a “red-flag” warning that your personal information has been compromised. These tactics are designed to elicit an emotional reaction out of you – excitement, curiosity, or fear.

You might receive an unexpected email that appears to be from someone you know. They’ve attached a file that looks fun, so you don’t hesitate to open it. This attacker has hooked you with curiosity and accessed your computer. In another scenario, one popular email spoof is the fake PayPal email telling users that they need you to verify your information. When you get concerned about your PayPal account, you are more likely to open this email. Attackers have just tricked you and accessed your financial information. Yes, it can happen that fast.

Tips to protect yourself

With this being such a pervasive problem, it’s important to stay ahead of the game. Here are a few things we recommend to help protect you:

  • Know that any unsolicited request for your personal information is a scam.
  • Keep an eye on your social media account activity.
    Be wary of unknown notifications or people trying to connect with you. Remember, if someone cross-references you on Instagram, Twitter, Facebook, LinkedIn, etc., they can get a specific and accurate description of you, your close friends and family, your preferences, habits, and even your schedule.
  • Be mindful of what you post online.
    As a general rule, if you don’t want a stranger to know it, don’t post it online! If you have posted some content that you’d rather not have out there, take time to edit or delete those posts.
  • Do some research.
    If you receive an unfamiliar email, call, or contact request, search for names/numbers/other instances of spams and scams online. You can usually find out pretty quickly that yours is not an isolated incident.
  • Be careful what you open and download.
    If you don’t recognize a file, regardless of how tempting the sender’s words might be, DON’T OPEN IT, and DON’T DOWNLOAD IT.
  • Pay attention to your gut feeling.
    If something seems suspicious, it probably is.
  • Use firewalls, anti-virus software, and spam filters.
    Search online to compare products, pricing, and find something that will meet your specific needs. These days, many of these products are free or very cost-effective.

When it comes to social engineering, a little diligence goes a long way. Once these tools and mindsets are in place, you’ll be able to rest a lot easier knowing that you’re protected against these attacks!