"Hello, is this (your name)?" "Yes." "This is (some one from IT) from technology and we are doing some user maintenance and we'll be needing your username and password to do an upgrade of the email system. Can you please tell me your user name and password?" What is your answer?
Unless you recognize the voice, I hope that your answer is "No" because that is probably a spear phisher. We don't need your password. If you want us to test something for you and phone us that is one thing. If someone calls you out of the blue, be suspicious. When we have new things going on, we announce it ahead of time in newsletters and emails.
Someone calls you asking for names of individual who head certain departments. Do you give them out or do you ask for their name and phone number and say someone will get back to you? I hope the latter.
An "officer of the law" calls asking for private information about someone you know from a cell number. Do you tell him or her?
All of these are known as social engineering attempts. They find out as much as possible from social interaction with employees and then try to crack the company's defenses.
Be paranoid! They ARE out to get you!
Someone on my facebook home page keeps popping up and it says that I have 58 friends in common. I've never seen this girl, I can't find any record of her employment with our company. Be careful! I had a bad experience with a former relative who started friending my coworkers. This relative is in the Middle East. Check profiles! Know who you are doing business with.
When on the phone and you get suspicious, say I'll call you right back can I have your name and number. If they don't give you their number, I wouldn't give them any information they want.
Hackers use social engineering to crack networks. What better method to do social engineering than on social networks! You can learn everything. You can learn who the CEO is, who the COO is, who does the accounting and who is the director of IT.
Be careful about what kind of information you divulge, especially if you are on a wireless network. Take care.
Regards, Janet
No comments:
Post a Comment