In the context of information security, Social Engineering or human hacking is the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.
Another definition puts it this way… Finding flaws in human nature and exploiting them.
Social engineering attacks are not only becoming more common but they are becoming increasingly sophisticated.
With hackers devising ever-more clever methods for fooling us into handing over valuable personal information.
Commonly, social engineering involves email or other communication that invokes urgency, fear, or similar emotions in the victim, leading the victim to promptly reveal sensitive information, click a malicious link, or open a malicious file.
Because social engineering involves a human element, preventing these attacks can be difficult.
I will share some practical tips including some I found online to help us recognize social engineering attempts and avoid the hurt and havoc they can cause us and all those connected to us
1. Perform regular backups of your data… either to an external drive or somewhere in the cloud… just in case your data is compromised on your computer, laptop or mobile phone. After backing up, disconnect your drive or the connection to the cloud location because recent ransomware are known to encrypt your backup drive as well.
2. DO NOT open emails in the spam folder or emails whose recipients you do not know. DO NOT open attachments in emails of unknown origin.
3. Use a reputable antivirus software - I recommend Sophos but others include MacAfee, Norton Symantec, Kaspersky etc.
4. DO NOT pay the ransom. The reason why the criminals keep utilizing this form of blackmailing attacks is that people keep paying. To try to get your data back, consult a professional in your area.
5. If it is too good to be true then it probably is… Don’t download programs from unknown sources…
6. Do not use easy to find questions when securing your access to portals e.g. Mothers Maiden name, Best Food, First School attended as your friends who may be hackers themselves cn guess this… Also some of this information is usually in the public domain. Hackers can request a reset of your password hoping you used these security questions.
7. Always use Strong Passwords - The first account a hacker will target is your email account because if he requests a password reset… the information will be sent via email… let’s be wise… set strong passwords and change your passwords regularly…