Social Engineering:
Describe the method of threat
It is a practice of using non-technical means, usually by communication through phones, which is to attack a target.
How it works?
They can pose as employees of the company or organization. They can ask questions to gain the trust of the person, this might include getting the confidential information
- Phishing (most common technique on the internet)
Hacker can get data or information from the website where the user put their information
- Using attachments to email
In this, malware is used to attack users address book and send emails with the file's attached to all of the user's contact
Provide example how it affect a system
When a hacker calls a company to pretends they are from the internal IT department and they will start asking the employee for sensitive information that can help them to gain access to the network.
Describe how to prevent such threat
- Delete any request to personal information or passwords
Delete any request through email that asking for your personal information because no one should be contacting your personal information through email, this is a scam.
- Reject any requests for help or offers of help
This social engineers may request your help with your information or they might also offering to help you (as a technician).
- Set your spam filters to high
Email has a spam filter, so check your settings and set them to high in order to avoid risky messages coming into your inbox and dont forget to check them always because it is possible that any messages could be trapped from time to time.
Install an antivirus software, firewalls and email filters and also set your automatic updates on and only access the secured websites
References:
Wordfence. (2019). Understanding Social Engineering Techniques. [online] Available at: https://www.wordfence.com/learn/understanding-social-engineering-attacks/ [Accessed 12 Apr. 2019].
Maureen Data Systems. (2018). 5 Ways to Prevent Social Engineering Attacks. [online] Available at: https://www.mdsny.com/5-ways-to-prevent-social-engineering-attacks/ [Accessed 12 Apr. 2019].
Panda Security Mediacenter. (2014). How does social engineering work? - Panda Security Mediacenter. [online] Available at: https://www.pandasecurity.com/mediacenter/security/social-engineering/ [Accessed 17 Apr. 2019].