Social engineering is quickly becoming a common phrase used to describe a range of malicious activities accomplished through human interactions. Bad actors use psychological manipulation to trick users into making security mistakes or giving away sensitive information.
With more than 4.5 billion active internet uses, it should come as no surprise that the average person is now a heavily targeted individual for cyber-crime.
Social engineering attacks typically have 4 steps:
1. The victim is identified and background information about them is gathered
2. The target is engaged and deceived in some way—investment opportunity, updating private credentials, spinning a story, phishing emails, etc.
3. The attack is executed based on obtaining the necessary information and the disruption to business, handing over of personal information or loss of funds occurs
4. Depending on the type of attack, the bad actor will close the interaction, remove all traces of malware, cover tracks or links to the victim
Now more than ever, individual users, as well as organisation employees, need to be vigilant about their online behaviour as well as the kinds of information they reveal whether that is to social media platforms, business websites and especially responding to emails.
A great way for an organisation or user to identify if they are vulnerable to these types of socially engineered attacks is to use KnowBe4’s complimentary IT security tool—Social Media Phishing Test (SPT).
–>> How many of your users are vulnerable to social media-related phishing attacks now? Run the test HERE
SPT provides insights into how many users will fall victim to malicious content, allowing you to take action to train your employees and reduce your organisation from potential threats.
Note: SPT only tracks whether the user clicked on a link or attempted to enter data. SPT does not collect data and will never save any data entered on landing pages.
To find out more information about this tool, contact the Vectra team.