A common misconception people have about cyber attackers is that they only use advanced hacking tools and technology to break into people’s computers, accounts and mobile devices. This is simply not true. Cyber attackers have learned that one of the easiest ways to steal your information or hack your computer is by simply talking to and misleading you. This is called social engineering.
Social engineering is a type of psychological attack in which a hacker tricks you into giving them something they want. Social engineering attacks can happen with almost any technology, including phishing attacks via phone calls, email, text messaging, Facebook messaging, Twitter posts, or online chats. The key is to know the signs. Learning how to prevent, detect and stop social engineering attacks is one of the most effective steps you can take to protect yourself.
Use common sense. If something seems suspicious or does not feel right, it may be an attack. Some common indicators of a social engineering attack include:
- Someone creating a tremendous sense of urgency. If you feel like you are under pressure to make a very quick decision, be suspicious.
- Someone asking for information they should not have access to or should already know.
- Something too good to be true. A common example: You are notified you won the lottery, even though you never bought a ticket.
If you suspect someone is using a social engineering method to get something from you, stop communicating with the person. If it is someone calling you on the phone, hang up. If it is someone chatting with you online, terminate the connection. If it is an email you do not trust, delete it.
This is part 1 in a two-part series. In part 2, we will share tips to prevent social engineering attacks.