• News
  • Security
  • Products
  • About Seqrite
Seqrite Blog Blog
  • News
  • Security
  • Products
  • About Seqrite
Home  /  Uncategorized  /  What is social engineering? How criminals take advantage of human behavior
social engineering
14 September 2018

What is social engineering? How criminals take advantage of human behavior

Written by Seqrite
Seqrite
Uncategorized
  • 7
    Shares
Estimated reading time: 3 minutes

For all the high-tech security that is employed, an organization’s biggest chink in its defense, when it comes to cybersecurity, can be its own employees. That is not to say that these employees are deliberately doing what they are, it’s that they are being tricked by malicious forces. This is called social engineering and it’s one of the key ways criminals use to attack their targets.

Social engineering is completely psychological and takes advantage of human fallibility. Those who employ these tactics try to human beings into revealing personal data. This can be an extremely effective tactic as it means the criminals can completely bypass the security framework, often painstakingly installed at much cost by an organization, to hit their target. Some common social engineering tactics:

Phishing

Probably the most common social engineering tactic available, phishing has become unfortunately extremely common mainly because it is so effective. The basic tactic of phishing is to misguide unsuspecting employees into either revealing personal information or clicking on suspicious links which are disguised.

Familiarity Exploit

Through this technique, criminals pretend to be someone who is familiar to the target. They can create a fake account of a known co-worker using his/her name and photos and send emails to the target, who may reveal confidential information unless they spot the imposter. In a physical setting, they may even strike up conversations with people in the organization to ensure they become known and familiar.

Tailgating

A common social engineering tactic, tailgating refers to the unauthorized entry of an individual within a premise. Organizations actively try to prevent tailgating but criminals can use social engineering tactics to go beyond. They may request individuals to allow them inside an area, taking advantage of a human being’s innate tendency to not antagonize a stranger.

Criminals have been taking advantage of human behavior from time immemorial. Hence social engineering is not a new tactic. What has changes is that those same tactics have been tweaked to fit into this age of information where data is king. To prevent against social engineering attacks, the following advice may be useful:

Awareness of social engineering – Unless employees of an organization know exactly what they are against, it’s pointless to try and make them defend it. For example, many employees may not even know what the term “social engineering” means. Hence awareness of it is always the first step. Security teams should conduct regular awareness sessions about social engineering so that employees are aware of what it is and how to safeguard against it.

Keep strict infosecurity policies – These should apply to both physical and digital security. For example, companies must have strict policies on access control to prevent tailgating as well as how systems are used. From a digital perspective, organizations should come up with and strictly enforce policies which regulate how employees are supposed to deal with requests for information. There should also be monitoring to ensure compliance.

Anti-phishing – Since phishing is the most common form of social engineering attack, it is important that organizations employ anti-phishing measures in their cybersecurity solutions. In that respect, Seqrite’s Endpoint Security and Unified Threat Management solutions offer protection against phishing attacks which are thwarted before they can enter the network.

Run regular audits – It is important to run regular audits to test your cyber durability. Organizations should consider running specialized audits to check responsive for social engineering attacks. The results should be regularly audited to gauged the preparedness of the organization for the same.

As an IT security partner for your business, Seqrite provides comprehensive security from advanced cyber threats. To know more

 Previous PostCVE-2018-8440 – Task Scheduler ALPC Zero-Day Exploit in the...
Next Post  Rise of security risks on Mobile
Seqrite
About Seqrite

Follow us for the latest updates and insights related to security for enterprise networks. Subscribe to our newsletter to stay...

Articles by Seqrite »

Related Posts

  • Gorgon APT fractures India’s Industrial Backbone

    Gorgon APT targeting MSME sector in India

    August 10, 2020
  • Way Out of The MAZE: A Quick Guide For Defending Against Maze Ransomware

    May 21, 2020
  • The-need-for-businesses-to-empower-the-CISO

    Why do boards need to empower their CISO?

    October 22, 2019

No Comments

Leave a Reply.Your email address will not be published.

Cancel reply

CAPTCHA Image
Refresh Image

Popular Posts

  • RAT used by Chinese cyberspies infiltrating Indian businesses RAT used by Chinese cyberspies infiltrating Indian businesses December 18, 2020
  • Benefits of having Intrusion Prevention/Detection System in your enterprise Benefits of having Intrusion Prevention/Detection System in your enterprise February 15, 2018
  • 5 Security measures you should take to protect your organization’s network 5 Security measures you should take to protect your organization’s network August 11, 2017

Featured Authors

  • Seqrite
    Seqrite

    Follow us for the latest updates and insights related to security for...

    Read more..
  • Viraj Talikotkar
    Viraj Talikotkar

    Viraj is a Lead Technical Writer at Quick Heal Technologies. He is always on...

    Read more..
  • Sanjay Katkar
    Sanjay Katkar

    Sanjay Katkar is the Joint Managing Director and Chief Technology Officer of...

    Read more..

Latest Posts

  • Are we prepared against risks generating from the IoT revolution?

    Are we prepared against risks generating from the IoT revolution?

    January 15, 2021
  • Proactiveness is the key to resolving hybrid cloud’s security challenges

    Proactiveness is the key to resolving hybrid cloud’s security challenges

    January 6, 2021
  • How can EdTech companies deal with rising security challenges?

    How can EdTech companies deal with rising security challenges?

    December 24, 2020

Stay Updated!

Topics

Antivirus For Linux (10) Antivirus For Server (9) BYOD (9) Cyber-attack (31) cyber-attacks (56) cyberattacks (12) Cybersecurity (274) cyber security (25) Cyber threat (29) cyber threats (44) Data (10) data breach (50) data breaches (27) data loss (28) data loss prevention (33) data protection (21) data security (13) DLP (49) Encryption (16) endpoint security (102) Enterprise security (14) EPS (9) Exploit (12) firewall (11) hackers (9) incident response plan (9) IoT (10) malware (58) malware attack (22) malware attacks (12) MDM (25) mobile device management (9) Network security (18) Patch Management (12) phishing (16) Ransomware (54) ransomware attack (29) ransomware attacks (30) ransomware protection (12) Seqrite (24) Seqrite Encryption (27) Seqrite EPS (33) Seqrite Services (16) UTM (34) Vulnerability (10)

Products

  • Endpoint Security (EPS)
  • Seqrite Encryption Manager
  • Seqrite Endpoint Security Cloud
  • Cloud Security
  • Seqrite mSuite
  • Seqrite MobiSMART
  • Unified Threat Management
  • Seqrite Secure Web Gateway
  • Antivirus for Server
  • Antivirus for Linux

Resources

  • White Papers
  • Datasheets
  • Threat Reports
  • Manuals
  • Case Studies

About Us

  • Company Overview
  • Leadership
  • Why choose SEQRITE?
  • Awards & Certifications
  • Newsroom

Archives

  • By Date
  • By Category

© 2020 Quick Heal Technologies Ltd. (Formerly Known as Quick Heal Technologies Pvt. Ltd.) Cookie Policies Privacy Policies

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website.
By browsing this website, you agree to our cookie policy.