ETFOptimize | High-performance ETF-based Investment Strategies


3 Ways to Protect Against Social Engineering Attacks

(BPT) - The foundation of all human relationships is trust. But our tendency to trust is exploited every day by hackers who engage in social engineering to gain unauthorized access to computer networks with the intent to steal data and cause financial harm.

Social engineering attacks occur when fraudsters combine publicly accessible information and manipulative tactics to fool an unsuspecting victim into providing personal information and other sensitive identification data.

Bad actors often begin the attacks by collecting personal information about their targets on social media accounts. Next, they contact the potential victim directly and pose as a trusted connection, such as an employer. These tactics can quickly lead to compromised credentials and the potential for account takeovers leading to large-scale damage and theft.

Why social engineering is so effective

Common social engineering attacks include:

  • Phishing, in which hackers send a fraudulent message designed to trick the victim into revealing sensitive information.
  • Baiting, where the hacker uses a false promise - like a $10,000 reward - to spark a victim's greed or curiosity.
  • Scareware, where the victim is overwhelmed by fictitious threats to get them to buy or download malicious software.

These kinds of attacks are on the rise precisely because they are so lucrative. According to security firm Check Point Software Technologies, the average social engineering attack costs companies $25,000 to $100,000 per incident, and that amount can even be far higher in terms of data compromised.

Social engineering attacks are so effective because they tap into basic human emotions, both positive and negative, and exploit them to steal money and information. For instance, it's common for a fraudster to play on a person's sympathy to trick them into providing information. A typical example of this is when hackers pose as the victim's co-worker or boss and ask for help with a login, password or other system sign-on data.

Fraudsters also understand that humans are not perfect and will often act selfishly. As a result, social engineering attacks often tap into emotions like greed to get what they want. For example, a bad actor may entice a victim into providing account details and login information by offering money or other incentives.

The bad guys also know that people often don't think clearly when under pressure, so they ramp up the urgency in their requests to force the hand of a victim. When a target is told they need to provide their information quickly to keep a (bogus) negative event from happening, they often do what they are asked.

Stopping social engineering attacks

How can businesses and consumers defend against social engineering attacks? Here are three ways to limit the chance of a successful attack.

1. Always be wary online. It's critical to be suspicious of unsolicited requests from individuals seeking data or personal information. Ask yourself why that person really needs to know what version of an operating system you're running, or what company you work for. Be equally suspicious of any files or attachments that arrive in your inbox unsolicited. Never download files you don't recognize. If you don't recognize the file, then it's a risk. It's also wise to install and maintain anti-virus software, firewalls and email filters.

2. Make cyber education a priority for both employees and customers. It all starts with education. You should train both your employees and customers to practice good security hygiene. For instance, educate your employees about common scams when you see them. If a particular attack vector is proving successful and becoming more widespread, make everyone aware of it so they can take the necessary precautions. Also, encourage your customers to pay close attention when going through emails, especially when taking further actions like clicking a link or downloading an attachment. Remind them that you don't ask for sensitive information over email, and that they should always double-check email and link validity.

3. Monitor for malicious users. Many social engineering attacks rely on fake account creation and/or use of synthetic identities to succeed. To thwart attacks, add the right mix of procedures, checks and balances into your onboarding and signup process to ensure customers are unable to create synthetic identities and fake accounts. You can also implement risk-focused systems to monitor for any unusual changes in the digital identity footprint of your customers. This includes authenticating them each time they engage in high-risk transactions, such as password resets or large transfers of money.

Final takeaway

The reality is that there is no single solution that can put a halt to social engineering. But combining technology with customer education can make it difficult for fraudsters to succeed and can put a significant dent in social engineering attacks overall.

TeleSign helps you protect and defend your customers and your operations across the entire customer journey - from sign-up to sign-on. We help you block fake users at scale, detect unauthorized access, prevent account takeovers and defend against other malicious actions against your customers.

To learn how businesses can protect their operations and customers from fraud and cyberattacks, visit TeleSign.com.
