What they are and how these attacks take advantage of our natural tendencies
How social engineering attacks work
What attackers are after
Data Physical access to a location
How attackers contact you
Email Telephone SMS Text Message Social Media (Facebook, Twitter, LinkedIn) Messaging Apps (Messenger, Skype, WhatsApp) Forums and chat rooms Dating sites Face to face
How attackers get you to do what they want
Fear – by acting as somebody in authority, making threats or simply by pushing that something must be done to a tight time limit. Compassion – by pretending to be poor, lonely or even a family member in financial need. Loneliness – dating sites and social media are rife with fake accounts and bots trying to lure in the unwary, building trust, promising romance and then using the victim. Greed – Get rich quick scams, fake jobs and interviews and false lotteries and prizes are all used.
gradually build up a picture learn your weak points gain your confidence combine what you tell them with information they have found elsewhere.
How to protect yourself
Be wary of unprompted contact from strangers. Cold callers, unknown contact on social media and dating sites can all be a potential first step for a social engineer. If it sounds too good to be true, it may well be. Be wary of unsolicited messages that aggressively push for you to take some kind of action within a tight timeframe. Be aware of what you tell people, especially if it is about any kind of information that protects our security.