Social EngineeringWe all know that it is wrong to open attachments from unknown emails, follow links on social media that we do not trust and to download software from unauthorised sources. But these are not the only routes a criminal may use to get access to your business systems.

Cyber Crime Through Social Engineering

Social engineering is when a criminal manipulates an individual to enable criminal activity. In today’s cyberthreat-aware world people are less likely to click on links in emails that they do not know. But it may be possible for them to be tricked into doing so and take away the hard work for the criminal. Social engineering is becoming more common and people have been persuaded to grant access to systems and share information or even hand over money as a result.

Phishing

This is where emails are sent by criminals pretending to be someone else – often to hundreds of recipients at once. They claim to be from a bank, government agency or other trusted organisation. The aim is to get the recipient to reveal confidential email such as passwords.

Phishing East Yorkshire IT support
An example of a “phishing” email

Because the source appears to be legitimate, people are more likely to reply or click the link. It is possible to “spoof” an email address so the sender appears to be the correct email address, or they use similar – but inaccurate – email addresses to the real company.

Spearphishing

This is the same as phishing, but directed at an individual. The “sender” will often be someone that the person knows such as a colleague, boss or IT support company. Often, information obtained from social media sites will be used to make the email more convincing.

Digitalquill – East Yorkshire and Hull’s Internet Security Specialists

For advice on internet security for small businesses and Hull IT support call Digitalquill on 01482 424402 or visit www.digitalquill.co.uk to find out more.