Social Engineering – Are Your IT Systems Secure?


No longer do we suffer from just the overt ‘confidence trickster’, the robber with the ‘SWAG bag’ or the ‘long sales pitch’ in the living room, with an elderly person hounded into an expensive purchase, that you hear about in the local paper.

Fraudsters have become far more covert and sophisticated with the use of technology. As the internet has grown, so have the lengths to which ‘hackers’ will go to commit fraud.

So what is Social Engineering?

Within the technology industry, this is termed social engineering. It refers to the psychological manipulation of people into performing actions or divulging confidential information. It is a type of confidence trick for the purpose of information gathering, fraud or system access, and it differs from a traditional “con” in that it is often one of many steps in a more complex fraud scheme.

Hackers don’t just attack a company; they attack what they perceive to be the soft targets… the end users! Online fraudsters are constantly evolving their techniques for extorting money or generally disrupting not just businesses but individuals too. With half the world’s population of 7.5 billion people now online, our world is a hacker’s oyster…

One of the hackers’ main ‘battlegrounds’ is email

An email may look fairly innocuous and come from a source you recognise, yet just by opening it or clicking on a link within it you could unwittingly download malware onto your PC, tablet, laptop, handheld device or phone, infecting your device and potentially others on your network. The effects can be disastrous, from simply slowing down your technology to completely disabling it and rendering it useless. You could end up being ransomed for your data, which is both incredibly costly and disruptive.

How can we combat this type of cyber-crime?

  1. Invest in good anti-virus software to minimise the risk of infections, implement network anti-malware software, scan email for malware and regularly review firewall security.
  2. Ensure proper IT protocols are in place – train your users to adopt ‘a healthy level of suspicion’, especially when it comes to opening emails, clicking links, opening unsolicited files, allowing other people into the office buildings or using external keys or USB sticks.
  3. Enforce strong password policies with a mix of uppercase, lowercase, numeric and special characters or, where possible, use two-factor authentication (2FA).
  4. Foreign offers, such as lottery wins, offers of money from an unknown relative or requests to transfer funds, are generally fake and are to be avoided.
  5. If you don’t know the sender or aren’t expecting it… do not disclose personal information on the phone, by email or on social media. Do some checking: don’t use numbers given in emails, do your own research, and delete any requests for financial information or passwords.
  6. Time and intuition are important: scammers want you to act fast, so slow down and look before you click links or download files.
  7. Backups are essential… Back-up, Back-up, Back-up!

Read the National Cyber Security Centre’s summary

Newman Business Solutions has over 20 years’ experience in the information technology sector. We have many long-term customers and are always keeping our customers current whilst futureproofing their technology to keep them abreast of the changes. Newman pride themselves on their straight-talking, ‘non-techie’ speak, endeavouring to match the solution with the client’s need and taking time to understand the customers’ processes. We offer proactive IT support and have regular technical reviews with our clients to ensure quality of service.