Social Engineering
Introduction
Social engineering attacks are not limited to the computer and IT domains; they apply to every aspect of life. Preventing social engineering attacks is simpler than we think: it is all about common sense. All we need to do is be vigilant. If something seems suspicious or does not feel right, it may be an attack.
Common clues of a social engineering attack include:
- Someone creating a tremendous sense of urgency. They are attempting to fool you into making a mistake.
- Someone asking for information they should not have access to or should already know, such as your account numbers.
- Someone asking for your password or PIN. No legitimate organization will ever ask you for that.
- Someone pressuring you to bypass or ignore security processes or procedures you are expected to follow at work.
- Something too good to be true. For example, you are notified you won the lottery or an iPad, even though you never even entered the lottery.
- You receive an odd email from a friend or coworker containing wording that does not sound like it is really them. A cyber attacker may have hacked into their account and is attempting to trick you. To protect yourself, verify such requests by reaching out to your friend using a different communications method, such as in person or over the phone.
Prevention
- If you suspect someone is trying to trick or fool you, do not communicate with the person anymore.
- If the attack is work related, be sure to report it to your help desk or information security team right away.
- Remember, common sense is often your best defense.
Some commonly seen instances of social engineering are shown below.
Instance 1
CEO Fraud: Mail claiming to be from the CEO of an organisation
1. The first mail claims to be from the CEO of an organization. When you analyze this mail, you would notice the sender's e-mail id, as well as the absence of a salutation, proper greeting and normal mailing etiquette.
2. The second mail is the exploit the attacker wanted to perform.
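The clues listed above (sender address not matching the claimed executive, an external domain, urgency wording, a missing salutation, a request for a password or PIN) can be turned into a simple mail-screening check. The following is an added example, not code from the original page; the internal domain, the executive directory, the keyword lists and both sample messages are constructed for illustration, and the scorer is a heuristic, not a substitute for mail-gateway controls.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed for this example (not from the original page): the organisation's
# own mail domain and a small directory of executives whose names an impersonator
# is likely to borrow, keyed by lower-cased display name.
INTERNAL_DOMAIN = "example.com"
EXECUTIVES = {"jane doe": "jane.doe@example.com"}

# Phrases that create the "tremendous sense of urgency" the clue list warns about.
URGENCY_WORDS = ("urgent", "immediately", "right away", "asap", "wire", "gift card")
GREETINGS = ("hi", "hello", "dear", "good morning", "good afternoon")


def score_email(raw):
    """Return (score, findings) for one raw RFC 822 message.

    Each finding corresponds to a clue from the text: an executive's display
    name on a non-matching address, an external sender domain, urgency wording,
    no salutation, or a request for a password/PIN. The score is the count.
    """
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    name_key = name.strip().lower()
    addr = addr.lower()
    domain = addr.rsplit("@", 1)[-1] if "@" in addr else ""

    # Only text/plain content is inspected; HTML parts are ignored here.
    if msg.is_multipart():
        body = "".join(p.get_payload() for p in msg.walk()
                       if p.get_content_type() == "text/plain")
    else:
        body = msg.get_payload() or ""
    body_lower = body.lower()
    findings = []

    if name_key in EXECUTIVES and addr != EXECUTIVES[name_key]:
        findings.append("display name matches an executive but address does not")
    if domain != INTERNAL_DOMAIN:
        findings.append("sender domain is external: %s" % (domain or "<none>"))
    hits = [w for w in URGENCY_WORDS if w in body_lower]
    if hits:
        findings.append("urgency wording: " + ", ".join(hits))
    lines = [l.strip() for l in body.splitlines() if l.strip()]
    first = lines[0].lower() if lines else ""
    if not any(first.startswith(g) for g in GREETINGS):
        findings.append("no salutation or greeting")
    if re.search(r"\b(password|pin)\b", body_lower):
        findings.append("asks for a password or PIN")
    return len(findings), findings


# Constructed sample messages: one in the shape of the CEO-fraud mail described
# above, one ordinary internal request from the real executive address.
FRAUD_MAIL = "\n".join([
    "From: Jane Doe <jane.doe.ceo@webmail.example.net>",
    "To: amy@example.com",
    "Subject: Quick task",
    "",
    "I need you to buy gift cards right away and send me the codes.",
    "I'm in a meeting and cannot take calls.",
])

NORMAL_MAIL = "\n".join([
    "From: Jane Doe <jane.doe@example.com>",
    "To: amy@example.com",
    "Subject: Board deck",
    "",
    "Hi Amy,",
    "",
    "Could you send me the board deck when it is ready? Thanks.",
])

if __name__ == "__main__":
    for label, raw in (("fraud", FRAUD_MAIL), ("normal", NORMAL_MAIL)):
        score, findings = score_email(raw)
        print(label, score, findings)
```

The fraud sample trips four of the five checks; the normal mail trips none. The greeting check is deliberately crude (a first line starting with "hi" satisfies it), so in practice such a score is a prompt for the recipient or help desk to verify out of band, as the prevention list advises, rather than an automatic verdict.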
Instance 2
Pick-Up Lines
"Can you hold the door for me? I don't have my key/access card on me."
"Did you see this video of you? Check out this link!"
"This is Chris from tech services. I’ve been notified of an infection on your computer."
"Someone has a secret crush on you! Download this application to find who it is!"
Instance 3
Impersonation
Tech support got a call; below is an excerpt from their conversation.
Attacker: Hi Amy, this is Roy.
Tech Support: Hi Roy!
Attacker: I'm working from home today and facing an issue with login.
Tech Support: How can we help?
Attacker: It seems I forgot my password, so can you reset my password and send me a link to create a new password?