2019 Cybersecurity Awareness Month: Social Engineering
Our nature is to trust other people until given reason not to do so. Social engineers take advantage of this tendency to coax us into divulging information like login credentials or answers to website security questions. They appeal to our desire to be helpful, and they count on us to act first and think later. Social engineering includes attacks like phishing and malicious email attachments, but since we will cover these in more detail later in the month, our focus this week will be on scammers manipulating people to obtain information or induce an action. Social Engineering is the gateway into a significant percentage of cyber crimes.
Watch how easily people on the street can be enticed to divulge passwords:
Jimmy Kimmel: What is Your Password?
We laugh, but more of us would fall for social engineering than you might think. We naturally want to be congenial, and subconsciously we would rather reveal personal information than cause offense. It is okay, though, to keep your personal information private.
Many of us reveal personal information without even being asked. Some common security questions used by websites are
- Where did you go to high school?
- What is your pet's name?
- What is your favorite team?
How many questions like these can be answered by your Facebook, Twitter, or Instgram pages? With these few pieces of information, social engineers can gain access to bank and credit card accounts. There are steps you can take to protect yourself, such as limiting the personal information in your social media accounts and making your account private.
Watch This Hacker Break into My Cell Phone Account in 2 Minutes
We are trusted with a lots of very personal information about students and others in their households. It is important that we take very seriously our responsibility to safeguard that information. Don't fall for social engineers!