It’s that time of year once again, the time for costumes, monsters, treats and tricks. Halloween is just around the corner with the fun of “Trick or Treating” soon to begin. But, a Halloween trick is not the only form of manipulation we could be facing.
We are all concerned about our computers being infected with viruses or our online accounts being hacked. This is why we use computer programs to protect against these threats. But, there is another threat a computer program cannot protect against-Social Engineering.
Social Engineering is a way to hack into personal accounts using every day social skills which trick people into giving out personal information.
Social engineers can hack into your personal accounts through phone conversations, emails, and even by dumpster diving. They do this by posing as someone or something trying to protect you when in reality, they are the ones who end up attacking.
For example, this phone conversation is a recording of someone gaining personal information from a Starbucks employee by posing as someone from the corporate office.
Emails can be sent out with email attachments prompting you to open it. This blog gives an example of an email posing as Gmail which states the user’s account is out of date. It prompts the user to reply to the email by sending a new email and password.
Dumpster diving can be used by going through trash and collecting bills with important information.
Social Engineering has become so popular, there are now conventions being held in order to gain awareness of these tricks.
Def Con is an organization which holds conventions every year where participants hack into accounts live and at the end, state their true identity. They do this in order to show people how easy it is to be tricked. Federal agencies are even invited to these conventions in order to gain awareness.
So, how do you avoid this trick? Simply use common sense.
If someone calls you stating they are from your bank or another company you use, hang up and call them back to ask if they really do need some information from you. In the instance you receive an email that asks for your information in any form, do not reply. Take the steps necessary to change your login information from that account. And, when throwing away bills you do not need or mail which states any account information, tear it up and then throw them away. To be certain, throw away the pieces into separate trash bags.
Protect yourself from these tricks because, really, the only tricks we want to be experiencing are the ones from Halloween’s “Trick or Treating.”