Small business owners may think that while their network and systems are safe from malware, they have nothing to worry about. However, they may not be prepared for social engineering. Social engineering, a form of cyber crime, is used to steal personal information from users. It goes beyond just phishing scams, using more complex methods to steal information.
Here are some common social engineering scams you should know.
Phishing
This is the most frequently used social engineering attack, especially against small businesses.
How is phishing carried out? Criminals make use of emails, phone calls, or text messages to steal money. Victims are directed to phony websites or hotlines and are tricked into giving away sensitive information. Information like names, addresses, login information, social security, and credit card numbers can all be compromised.
To protect yourself, be wary of emails from people you don’t know that offer you a prize, come with attachments you didn’t request, direct you to suspicious sites, or urge you to act quickly. Phishing emails usually appear to come from reliable sources.
One of the most infamous and widespread examples of phishing was during the 2016 Summer Olympics in Rio, where victims received fraudulent emails for fake ticketing services that stole their personal and financial information.
Tailgating
What’s the fastest and easiest way for criminals to enter a secure office? Through the front door, of course! Tailgating happens when an employee holds the door open for strangers and unauthorized visitors, allowing them to infiltrate an organization. This simple act of kindness enables fraudsters to enter restricted areas, access computers when no one is looking, or leave behind devices for snooping.
Quid pro quo
Here, scam artists offer a free service or a prize in exchange for information. They may lure their victims with a gift or special offer in exchange for login credentials, account details, passwords, and other important information. Or hackers may volunteer to fix their victims’ IT problems to get what they want. In most cases, the gifts or special offers are fake, but damages from stolen information are all too real.
Pretexting
Criminals who pretend to be someone else to steal information. They may pose as a telemarketer, tech support representative, co-worker, or police officer to fish out credit card information, bank account details, usernames, and passwords. The con artist may even convince the unsuspecting victim to apply for a loan over the phone to get more details from the victim. By gaining the person’s trust, the scammer can fool anyone into divulging company secrets.
Despite the many security measures available today, criminals and their social engineering schemes continue to haunt and harm many businesses. So, your best bet is to prepare for the worst. To protect sensitive information, educate yourself and be careful. Remember: If anything is too good to be true, it probably is!
Please contact us to learn more about our cyber security initiatives and how we can help keep your business safe and secure.