Social Engineers may be looking to gain passwords, bank account or credit card information, or access to your computer, and with a good personality, they can appear trustworthy. Social engineering is a non-technical or low technical type of security attack that relies heavily on human interaction and involves tricking people into breaking normal security procedures to give up confidential information. Social Engineering can occur in-person, over the phone, in emails, or on fake web pages, and relies on our natural tendency to collaborate, trust, and help others. Attacks happen through lies, impersonation, tricks, bribes, blackmail, and threats – used to attack information systems.
For example, social engineers (hackers) can get information about your website hosting online and can call your office claiming to work for your websites hosting company (now knowing their name) and can manipulate an employee into giving them the password. Once they have access to the site, they can steal sensitive information and even disable the site.
An integral part of our security training is identifying the vulnerabilities of your network as it relates to your workforce.