Employee Education and Network Monitoring are the Only Tools Businesses Have to Combat Social Engineering

According to industry experts, phishing is one of the top cyber threats for organizations to concern themselves with in 2017. However, many professionals thought phishing was something that only happened back in the early to mid 2000’s.

TV documentaries would interview blurred ne’er do wells who’d set up computer rooms in Nigerian warehouses to lure lonely single women into sending them money for plane tickets to America. The women sent money in the hopes of finding a husband. Still, other scammers would call from India and other countries and threaten to arrest people if they didn’t pay a bill they supposedly owed from 5 or 6 years ago. Apparently, they’d been tried and convicted of not paying it though they didn’t know it and the corporation was now demanding $2,000 or they were sending the authorities.

However, these scams are now easy to spot. Most people don’t fall for them. Unfortunately though, phishing now falls under the category of social engineering and has a far more shark-like bite to it.

The premise of the early days of phishing was that anonymous people were able to manipulate mainly Americans and Europeans into thinking they were someone else with fake online profile pictures, phone calls, texts etc. However, though it’s still possible for people to create fake profiles, many people don’t fall for them in the same way. However, social engineering often puts a real face and a fake name to the crime of phishing.

These scammers get to know high-level executives and company gatekeepers. They become friends with these individuals or convince them they are colleagues from another large corporation. They gain enough trust to send an email with an attachment the person will open. The person opens the attachment and there it is. The same old scam was just carried out in a different way. Once these phishers, (called whalers when they go after high-level execs) get in; they have complete access to almost everything that company computer has access to.

It’s crucial to educate staff about social engineering so they can recognize the tactics before it’s too late. It’s also important to have a good MSP monitoring your network and encrypting and securing your data. Only a qualified expert can identify and contain intrusions as soon as they happen. Contact us at Kotori Technologies today. We offer enterprise-level security and straightforward IT solutions