Social engineering has become the new buzzword in the digital sphere. The tactic is used in more than 66% of all online hacking threats today and is becoming a major international problem.
Phishing accounts for 77% of all socially based attacks.
Hackers use social engineering as a form of deception to manipulate people into handing over their personal or confidential information so they can use it for fraudulent activities.
Here, Bold Business highlights the main ways in which social engineering occurs so that you can protect yourself and your business from hackers.
4 Examples of Social Engineering Hacking
According to Fortune, there are four examples of social engineering occurring today:
1) Vishing (voice deception): This includes phone scams where criminals call a victim to get hold of their personal information and change passwords to bank accounts, email accounts and more.
2) Phishing (email deception): In which the hacker uses emails to gain personal information from a user, usually in the guise of an official bank email asking for financial and log in details.
3) Impersonation: Where an individual can enter your personal space or business and pretend to be an official to gain confidential information.
4) Smishing: This is a relatively new form of deception, and uses text messages to impersonate official organizations to gain personal information.
According to Social Engineer, an agency that offers training and consultation on how best to fight this new wave of hacking, social engineering is a form of manipulation that isn’t particularly sophisticated or unique but is able to press the right buttons with victims.
“Phishing accounts for 77% of all socially based attacks, but businesses targeted in vishing attacks lost $43,000 per account, and individuals targeted through impersonation attacks lost $4,200 on average,” Social Engineer states.
Top Social Engineering Scams
Fortune has listed the top scams that Social Engineer says both businesses and consumers should be aware of in 2017.
1) The IRS scam: Hackers call their victim claiming to be from the Internal Revenue Service (IRS). The hacker will already know quite a bit of information about the user, like their address and other personal details, and will then try to gain further information. The hacker then tells the victim that they owe a small amount in unpaid taxes, normally a few thousand dollars then gives them a bank account to transfer the money.
2) Ransomware: A prime example of this were the recent cyber-attacks in the UK, where hackers targeted NHS hospitals and infected computer terminals with malicious software. Each computer terminal had to pay $300 to unlock their device and to stop the hackers from deleting personal and confidential information for millions of patients. The practice is widespread right around the world.
3) Business Email Compromise or BEC scams: The hacker will break into an email account to obtain the financial data stored there, through emails containing bank statements or wire transfer details. They can sometimes gain access to the information by sending an email containing malware which once opened infects the computer and the information can be captured. This practice is particularly damaging to businesses because employees will unwittingly help hackers gain access to such information.
Considering all the above, it’s extremely important to ensure that businesses invest in effective cyber security measures. Hackers are finding new and sophisticated ways of infiltrating businesses on a daily basis, so it’s important to counteract these threats by ensuring your devices are secure.