KT Connections Blog

KT Connections has been serving the Rapid City area since 1997, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Would Your Users Fall For These Social Engineering Schemes?

Would Your Users Fall For These Social Engineering Schemes?

Social engineering is one of the trickiest parts of protecting your organization. It might sound like something out of a science fiction flick, but it’s one of the most dangerous attacks that a hacker can use against your business. Social engineering attempts to manipulate the target into giving away sensitive credentials or personal information for the purpose of stealing identities and other malicious intentions.

Here are some of the most popular social engineering hacks that you’ll have to watch out for in the business world.

  • Vishing: More people are aware of phishing attacks than ever before, so naturally hackers had to pick up the slack somehow. Vishing is the alternative option that they are now trying to use, which features a voicemail asking for personal information.
  • HTTPS: SSL certificates can make sure that users are aware of whether or not a website is secure enough to protect your personal information. However, HTTPS doesn’t necessarily mean that a website is using security. Hackers can lure in victims by providing “free” SSL certificates to organizations, providing them with a false sense of security. You need to find proof that the website using SSL has an extended validation (EV-SSL), which is not offered for free at all. You’ll see a green bar in the URL bar when this type of encryption is available.
  • Website Copycats: Some scammers have even gone so far as to make websites that look exactly like reputable sites that are designed to harvest credentials or infect computers with malware. One example of this is the Equifax data loss incident which occurred in June 2017. Equifax had set up a website to help clients who had their information stolen, which used the URL equifaxsecurity2017.com. However, hackers capitalized on this event and created a spoof website using the domain securityequifax2017.com. The result tricked Equifax themselves. Here are some tips to help you avoid these spoofed websites:
    • Make sure the URL is correct
    • Don’t give information to sites that aren’t using EV-SSL
    • Look for seals of trust from reputable IT security websites
    • Be on the lookout for spelling errors, typos, or broken English
  • Every Word Password Theft: Hacking tools have certainly developed into more sophisticated threats, going so far as to utilize every single word in the dictionary to crack passwords. These password crackers can create hundreds of thousands of credentials in a matter of minutes, all using a dictionary attack against unwary users. Therefore, the best approach to creating strong passwords is to use numbers, letters, and symbols to make a mixture that nobody would expect.

Online threats can be a considerable problem for your organization, especially when they use each and every exploit against you. Thankfully, with some proactive measures that can keep your business safe, you’ll have a much easier time going about your online duties without exposing your data to threats. To learn more about how to protect your business, reach out to us at 605-341-3873.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, 16 December 2017
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices hackers Privacy Technology Email Internet malware Business Computing Cloud Google Network Security software Ransomware User Tips Efficiency Business Backup Data IT Support Microsoft Computer Mobile Device Management Network Gmail Managed IT Services Android Money cybersecurity Facebook Hardware Smartphone Small Business VoIP Windows Productivity Hosted Solutions IT Support Data Management IT Management Operating System Business Continuity Mobile Devices Cloud Computing Artificial Intelligence Phishing Microsoft Office communications Windows 10 Unified Communications Outsourced IT Social Media Internet of Things Data storage Passwords Upgrade Communication IT Services security cameras BDR Disaster Recovery Windows 10 Encryption Alert data breach End of Support Apple Nextiva Antivirus Business Management Update Bandwidth Smartphones Outlook Data Backup Politics WiFi Access Control Automation App Office 365 YouTube Patch Management Cost Management Collaboration Best Practice IoT Google Wallet Remote Monitoring Project Management Google Docs Analytics Legal Spam Customer Service Search IBM Browser Google Maps Server Hard Drive Drones Save Money security solutions Document Management SaaS Saving Money Start Menu Information Technology History Firewall Networking Productivity News vulnerability Events Scam Innovation Lunch and Learn Big Data Managed IT Services Data Recovery Law Enforcement Word The Internet of Things Apps Event Marketing Robot Local Buzz BYOD Gadgets South Dakota appointment Memory Digital Rapid City File Sharing Web Servers Applications communication solutions Business Mangement Sports Websites Business Growth Penetration Testing Virtual Machines Local Technology vulnerabilities Specifications Workers Virtualization Wireless Technology Physical Security identity theft Network Congestion Access IoT Devices Internet 101 Tips and Tricks LiFi Data Security Deep Learning Webcam Microsoft Office 365 Software as a Service Phishing Scams botnet attack Risk Creep camera Sales Tax Dell ’s Sonicwall Global Management System Television Samsung Society Microsoft Bookings media experience Streaming Media Redundancy Spyware Budget Remote Computing Internet Connected Devices Visible Light Communication Audit Office Google Drive Microsoft Office 365 features Virus IT Consultation botnet IT for Oil Companies macbook Password Mouse Tablets Windows 8 booking process information Windows XP Hack Laptop Website Maintenance Vendor Management Telephony Compliance Law IT IT Assessment DDoS attacks Risk Management Mobility SharePoint Tech Support Event Flash Managed Service Provider Cache Tablet Solid State Drive enterprise productivity software Advertising Fortinet Monitors VoIP IT Security Lawyers Hosted Solution IT Strategy Kaseya DDoS security precautions Printer Mixer Settings Virtual Desktop Emergency SOX Business Security Displays Freedom of Information IT Solutions Administration Kaseya Connect Information Security password manager LastPass Vendors Computer Care Business Technology Workplace Tips Communications Sarbanes-Oxley Act Time Management Proactive IT Fast food Printing Fake News Bluetooth Attorneys Quick Tips How To Conference Social Engineering Email Security user confidence Cryptocurrency Running Cable Community Involvement Chamber of Commerce Disaster Office Tips Phone System End User Testing Unified Threat Management Music Uninterrupted Power Supply face Downloads Microsoft Excel Safety Managed Services Cleaning Cabling Hacking Download Hardware as a Service Data Protection surveillance cameras Government Google Calendar Writing Content Filtering LastPass healthcare communication device Knowledge HaaS Business Comunications Black Market Corporate Profile Trend Micro Virtual Reality Social Business Communications VPN Press Release Managed IT Programming AtomBombing Worker tool Rebrand business owner Education Tech Terms Vendor Mangement Distributed Denial of Service Experience Touchscreen Cloud Backup Google Play Store Comparison Retail Banking Paperless Office Users G Suite Travel Processors Computer Malfunction 3D Printing Employer-Employee Relationship Sync Messenger Private Cloud Microchip CCTV In Internet of Things Books Work/Life Balance Motion Sickness Web Server IT service Reading Machine Learning Hiring/Firing Meetings Ordinary Computers collaboration capabilities Bring Your Own Device Wi-Fi Relocation Emails Marketing Administrator Hacker quantum computers Documents Tracking Phone Systen base infrastructure Hacks Supercomputer Text Messaging PDF Automobile Holiday Computing security solution Unified Threat Management Notifications IT Consultant Business Metrics network security professionals CrashOverride end-of-support date Language holiday season Training Chromebook Playbook Rental Service Flexibility Miscellaneous UTM holidays Employer Employee Relationship Cortana breach methods Digital Payment Reliable Computing Threat management scammers Twitter Taxes Public Cloud Telephone Systems Scalability scams Health