Social Engineering Attacks and Tips to Prevent

Social engineering describes one method hackers use to gain access to your sensitive information. As the name suggests, this type of scam uses information found on social media platforms to impersonate a specific individual for malicious purposes. In this article, we will take a deeper look at the keys to identifying social engineering tactics and protecting yourself from these attacks.

What does a social engineering attack look like?

To clarify, as with all scams, social engineering attacks may take many forms. Furthermore, the top two most common scenarios include:

1. An email/text message/social media message from a friend.

When a hacker gains access to a person's account, they also gain access to their entire contact list. If you receive a message from a friend that contains a link or prompt to download something, think twice before clicking. Delete the message immediately if it seems suspicious in any way. Reach out to the person to determine if it was legitimate or to inform them that they possibly hacked.

Example: A friend sends you a message on social media containing a link to a new music video. Once you click the link, your device will be infected with malware. This allows the hacker to gain access to all of your personal data.

2. An email/text message/social media message/call from a trusted source.

Hackers rely on gaining your trust so that you willingly give up your information. This may come in the form of urgently asking for your help, requesting that you donate to their charity/fundraiser, notifying you that you are a "winner," or asking you to verify your information in order to solve a "problem" for you. Ignore any request for your financial or personal information unless you are confident that the person asking is authentic.

Example: You receive a call from someone claiming to be a representative of your financial institution. They inform you of suspicious activity on your account. Then, they tell you they need you to verify some information (like your account number or social security number) in order to assist you. To be sure that you're really talking to your bank, hang up and call the customer service number. This way you can determine if the call was legitimate.

Tips to protect yourself and your information from this type of attack

The best ways to avoid getting hacked are to identify when something seems off and to understand what information you are sharing online. Here are the top tips to follow to protect yourself:

  • Be suspicious. Unless you know for sure, never assume the person you're speaking with is who they say they are.
  • Social Engineering Attacks and How to PreventBe wary of links and downloads. If you don't personally know the sender and aren't expecting the message, don't click.
  • Ignore foreign messages. If you receive a message from a foreign sweepstakes or request for help, it's guaranteed to be fraudulent.
  • Be careful with what you post. Social engineering hackers can use everything you post on social media to gather information about you. So, if you wouldn't want a hacker to know, don't post it on the internet.
  • Utilize your spam filters. Every email account comes with spam filter options. Keep your filters on high for the most protection. However, it's a good idea to periodically check your spam folder for legitimate emails that got put there by mistake.
  • Keep your devices secure. Stay current on anti-virus software, firewalls, and operating system updates.

Having an online presence means your personal information is always at risk. Therefore, you have the massive responsibility of protecting your personal information. Knowing what you are sharing and being able to identify suspicious behavior are key in preventing a social engineering attack.