Don’t be a victim of Social Engineering21 March, 2016
What is Social Engineering?
It’s the art of manipulating, influencing or deceiving you in order to gain control over your computer system. The bad guys will use any means they can eg email, mail, phone or direct contact at your door to gain illegal access and install malware on your computer.
What is malware?
Malware is software specifically designed to disrupt or damage a computer system. It can take many forms but the key ones to be aware of are:-
Virus – A computer virus copies itself to another computer and infects files on that computer.
Worms – A computer worm copies itself to other computers.
Keyloggers – A keylogger is a small bit of malware that looks at what you type on your keyboard and keeps a log of all keystrokes like your logons and passwords.
Trojans – A Trojan horse (usually knows as a Trojan) is malware that hides itself on your computer and allows the bad guys to run their software on your computer eg Trojans send keylogger files back to the bad guys.
Backdoors – A software program that gives an attacker unauthorised access to a computer so they can control it remotely.
Ransomware – denies access to a device like a phone, or hijacks all the files on a PC until a ransom has been paid.
What form will the attack take…?
There are many ways the bad guys will try and get into your computer system but a couple of the keys ones are emails that allegedly comes from an organisation that is known to you eg your bank but if you open it and click on an attachment you could be installing malware – this is known as phishing. Or it could be an email from someone in your organisation asking you to do something that will open your computer system to attack – someone you trust, this is known as Spear Phishing.
The bad guys will try and get you to open an email and click on an attachment or they will try and trick you into clicking on a link, or direct you to complete a form any of which may give them the opportunity to install malware on your computer.
Be alert to these forms of attacks by making sure you have up to date virus scanning software on your PC. Don’t open attachments on emails unless you know the sender and are expecting the attachment. Look for clues in the emails sent to you that may identify them as phishing or spear phishing attacks and delete the emails.
Use the checklist to help you identify Social Engineering emails