It Could Never Happen to Me

It Could Never Happen to Me

We have all watched TV shows about confidence tricksters and how they extract money from vulnerable victims. If you speak to a con artist and I have met a few they always say that the victim got caught up in their own greed. This may be true for some con tricks but not the vast majority. Most of the time con artists exploit the fact that we are busy, distracted or tired and at these times they ply their trade.

This makes anyone likely to fall for a social engineering stunt. All of us can recognise the tricks they use in the cold light of day but on how about late on Friday afternoon when we are tired and stressed?
When you are in a hurry you tend not to concentrate as well and can be more vulnerable to tricks that we are not expecting. If you are reading this and have children you know all about expert social engineers. In short, we can all be fooled or persuaded.

Everybody can be aware when you are being told that somebody is about to dupe you. Unfortunately, they generally don’t advertise the fact.

In the digital age the social engineering problem has far more serious consequences. We can now be a doorway into IT systems that social engineers can use to deploy malware, steal information and destroy our data. Why would they do such a thing?

Well social engineering is a “craft” that stands on its own and has been around for centuries however now it is being used as an attack vector to gain entry into our most secure systems. This has resulted in many other criminal types adopting social engineering techniques than just the regular con artist

Criminals have been quick to recognise that IT systems whilst secured with very expensive and sophisticated firewalls and Intrusion detection systems are very easy to access via the humans operating these systems. In fact, 80% of all cyber breaches have a social engineering element to them.

The answers is not in IT systems but in training staff to be aware of social engineers and the types of attack they undertake. Informative training coupled with the development of good cyber hygiene practices and the creation of a cyber security culture can do a huge amount to mitigate these types of threats.  Good cyber hygiene and culture are important as it reinforces the training undertaken in mitigating social engineering techniques.

One final thought, if we think we are not potential victims of social engineering, that our views and thoughts cannot be manipulated. A question when did you last buy or want to buy something on the brand name alone?

To find our more about our Social Engineering Training Please click here

Dr John McCarthy

Written by : Dr John McCarthy

Dr John McCarthy is a world renowned authority on CyberSecurity strategy, development and implementation. He holds a PhD in CyberSecurity and eBusiness Development and is an internationally recognized author of a number of works discussing all aspects of CyberSecurity in the modern world

Show comment form