A social engineering attack is when someone is manipulated to perform a specific action. Social engineering attacks are either in person, over the phone, or electronic, such as email or other messaging systems. No matter what method is performed, there are some key similarities.
Do
you know the
signs?
There is a request
for non-public information or to
perform an action of some sort,
such as sending money, or
downloading software.
Any event that
results in damage, corruption,
misuse, or unauthorized exposure
of confidential data, whether
the event was deliberate or not.
There is a
request for non-public
information or to perform an
action of some sort, such as
sending money, or downloading
software.
Any event that
results in damage, corruption,
misuse, or unauthorized exposure
of confidential data, whether
the event was deliberate or not.
There is often
a sense of urgency. That is, you
must do this now or there will
be repercussions, such as lost
data.
There is often
a significant reward for acting,
such as financial gain or
avoiding computer damage.
There is often a
sense of urgency. That is, you
must do this now or there will
be repercussions, such as lost
data.
There is often a
significant reward for acting,
such as financial gain or
avoiding computer damage.
DO
NOT reply or
provide any non-public
information or perform any
actions unless the request has
been valid.
If you think you are receiving a request that may be part of a social engineering attack, contact your security department so they can take appropriate actions.