The Simple, Yet Complex Nature of Social Engineering

Scmagazine.com published an article by DataArt security consultant Andrey Barashkov on social engineering scams. The article explores why social engineering is so effective, why phishing scams are not as easy to execute as people often think, and why fraudsters don’t just focus on phishing anymore.

«The 2021 Cyber Security Statistics report by Purplesec found that 98% of cyberattacks relied on social engineering.»

«Employees are the weakest links in a security system. Fraudsters use psychological manipulation to build a trust relationship with their targets. Afterward, it’s much easier to exploit that bond and obtain necessary information. Moreover, many employees use their corporate email addresses to register on social networks. This greatly increases the likelihood of a successful cyberattack.»

«Despite the popular opinion that email phishing attacks are easy to execute, the process of launching a successful campaign requires significant preparation.»

«These days, fraudsters have turned to more targeted social engineering attacks with a mix of techniques to avoid traditional security controls.»

«Security pros should remember the following: It’s very rare that quality resources are handed out for free, always double-check an email address and sender’s details, users who are in doubt should report the abuse to the Infosec department, finally, take social engineering tests seriously. They let security teams quickly find patterns and recognize malicious activities.»

Original article can be found here.

Welcome
We are glad you found us
Please explore our services and find out how we can support your business goals.
Get in Touch Envelope