Social engineering -Art of manipulating persons in order to bypass security measures and tools. The purpose is to obtain confidential information from users through phone, e-mail, snail mail or direct contact and secondly use these data to gain illegal access.
Social Engineering happens every day and the first line of defense is to acknowledge its existence.We must understand that we have to protect our info from others.To do this sometime we have to sacrifice convenience for security. Starting with your pc, stop leaving sticky notes with passwords on them attached to your screen. If you use the pc everyday please remember the password. You might not read anyone else's info but there is always someone waiting to get yours. If you have not been instructed to give out job info or if you did not request info that's in your email, don't give it to them. Always verify why it is needed. Awareness is the key. If it sounds to good to be true, it is. Even on your job if someone requests sensitive info please verify with your supervisor. This will save you a lot of trouble. Social Engineers are skill at retrieving info and they know what questions to ask to push the right buttons. They might have to try a hundred times but they only need one person to slip up and they are in and this could take down a whole network. Always ask why when these request come from outside the normal channels and it could save you or your company a lot of grief. Once again always be aware.
For Security questions please visit pc-2uneup.com
No comments:
Post a Comment