Social Engineering is becoming far more prevalent in recent years. The attacker can target a large number of individuals for a generic offer or a smaller subset of individuals with a very specific approach tailored on a per-person basis.
The key difference between technical exploitation and social engineering is that, besides training, it is difficult to find a clear mechanism to significantly reduce the risk of an individual being susceptible.
Social engineering is on a case-by-case basis and can drastically change in complexity depending on the scenario.
OFFERS, SCHEMES OR INVESTMENTS
Draws an individual in over a longer duration. Slowly takes advantage of them for a higher pay-out.
Resolution: Avoid temptation to be immediately drawn in. Use the classic ‘sleep on it’ method. If it seems to good to be true, or you aren’t certain on the origin of the offer, decline.
READ MORE: Knowing your cyber security approach
OUTSTANDING PAYMENTS
Used by exploiting fear, debt collection or warning notices target those who will immediately pay without questioning further.
Resolution: Creditors have guidelines to work within. If you are being pressured, do not react and report it to the relevant professional body.
IMPERSONATION
More crafted attack which involves full identity theft and charisma to draw out a longer exploitation for a high pay-out.
Resolution: Keep your paper-trail and digital footprint small. Remove when you no longer use them. Avoid leaving personal information exposed to identity thieves.
REWARDS
These are often considered high failure rate and are very easy to spot at the first instance. They target a large audience and rely almost exclusively on volume.
Resolution: Ignore all rewards unless released from an official body. The ‘too good to be true’ rule applies here.
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules here