Social Engineering
Social Engineering is a way that people use normal social interactions to manipulate people to breach security. It isn’t limited to any technology or system, it can be conversation, texting, body language, or email.
The goals of Social Engineering are typically sensitive or personal information, but it can be used to access secure systems. Social Engineering is used for fraud, identity theft, or can be the prelude to a more serious hack.
Usually Social Engineering plays on a person’s expectations and emotions. Sometimes it means a person is pretending to be a delivery person, or they could pretend to be frazzled and running late. They play on our gut reactions in order to bypass our reasoning.
There is no single technology or strategy that can defend against social engineering. Each person is the front line against this kind of intrusion. The critical element to protect yourself and your organisation is critical thinking.
How to Avoid Being a Victim?
Keep your eyes open and ask yourself questions:
These questions might give you a sense that something is off about a situation. Be diligent and double-check information. Verify information with a trusted third party. Don’t take everything at face value.
What to do if you think you are a victim?
If you believe you might have revealed confidential or sensitive information about your organization, report it to the appropriate Security or Privacy people within your organization.
What additional steps can you take to protect your privacy?
Resources
Canadian Anti-Fraud Call Centre
Scams, Fraud and Economic Crime
Source: Office of the Chief Information Officer BC -Gov.bc.ca
Please help us improve our website by providing your feedback