Social engineering is a serious threat to your business.
You've probably heard of phishing — when hackers try to get you to divulge your personal information. But the tactic has become so widespread and sophisticated that there are now subcategories of phishing.
Vishing is voice phishing, which happens when hackers call you on the phone and ask for your personal information.
Smishing is when hackers send you text messages to try to gain access to your personal information. They do it because it works.
Vishing has been around since the first telephone was invented. This is about as unsophisticated as hacking gets.
Did you see the video that made the rounds recently of a hacker gaining access to a journalist’s cell phone account by playing the sound of a baby crying in the background?
Hackers don’t even have to target you to gain access to your personal information. And once they have a little bit of personal information they can use it to convince you they are someone who should be trusted with your personal information.
Smishing is a newer category of phishing that involves the use of text messages. If someone texted to ask for your personal information, would you consider it a threat or would you just fork it over?
Hackers have many different tools in their toolboxes to make themselves appear legitimate, such as phone masking which makes their phone number appear different to your caller ID.
If you thought your phone company or bank was calling you, would you know what you needed to do to verify their identity?
So what does all this mean to your business? Well, there’s actually another category of phishing called spear phishing.
This takes place when hackers target high value employees of an organization using various phishing techniques in order to gain access to a company’s protected information, such as trade secrets or web admin.
There’s no limit to the damage a hacker can do to your business once they have gained access to your personal information. Five out of six large companies have been the target of spear phishing, and that number keeps growing.
There are a few important things you can do to protect your company’s valuable information and access. For starters, make sure everyone changes their passwords frequently and doesn’t share them with anyone for any reason.
Educating your staff about possible phishing attacks is also crucial- knowing how hackers work is the first step in stopping them. Teach your employees about common tactics such as phone spoofing, creating a false sense of urgency, using personal information gathered from social media sites, and good old-fashioned persuasion.
Hackers do these things because they work, and the only way to prevent them from working is to educate your staff on what to look out for — and how to resist. Even the smartest employee can be tempted to share personal information when the caller asks the right questions, often by claiming that he was asked to call by a senior member of the company.
Learn more about the latest phishing techniques from this infographic. It’s important to know what kinds of techniques are being used so you can protect your company’s valuable information from hackers.