Protect your computer! has been the mantra of safety, security and privacy experts for years. We tell you to be sure to have up-to-date security software installed. To use strong passwords. To password protect your home network. To avoid using unknown networks. And so on…
But we also tell you that all the security in the world can’t protect you, if you, or someone else using your devices, act carelessly.
You can protect your home by selecting a safe neighborhood, installing locks on the doors and windows, adding security systems, outdoor lighting, fencing and gate, and getting a guard dog. But you can also disable all that security in the blink of an eye by opening your front door. If the person at the door is safe, then no harm is done. But if the person at the door has fooled you into believing they’re safe – you could be at high risk.
The same scenario of security and disabling of security plays out online. The term social engineering refers to the ways criminals use non-technical tricks to convince you to disable your security measures so they can get into your computers, phones, consoles, etc., and cause harm.
Interesting data from AVG Technologies reported in the Virus Bulletin shows that users are more than four times more likely to come into contact with social engineering tactics as opposed to a site serving up an exploit. Why? Because criminals know that humans are usually the weakest link in the security chain.
Think about it, why would crooks struggle to dismantle or bypass your security when they can convince you to open the door and let their exploits in?
How do criminals convince users to allow them bypass the user’s security? By gathering information about their victims. Some attacks are fairly unsophisticated broad attempts sent out knowing that a certain percentage of users will have an account with a service like eBay, Facebook, Chase Bank, etc. and that some will click on a notice that appears to be from one of these companies.
In more sophisticated attacks the criminals learn more about your specific behaviors, interests and who your friends are. Once the criminals have learned these things about you, they can set up a scenario that significantly increases your likelihood of falling for their scam. The better they know you, the more likely you will click on their link or download their exploit.
How to defend yourself
Study and practice the easy to learn 14 Steps to Avoiding scams. If you follow these steps rigorously, they will help you avoid falling for socially engineered exploits.