2017 Q4 LIFE@reliance Newsletter

C Y B E R S E CU R I T Y

October is National Cyber Security Awareness Month

RELIANCE TECHNOLOGY SOLUTIONS Information Security

How Susceptible are You to a Social Engineering Hacking Attack?

WHAT GOOD IS A FIREWALL TO KEEP OUT CYBERCRIMINALS IF YOU DISCLOSE HOW TO GET IN THROUGH THE BACKDOOR? HERE’S WHAT YOU NEED TO KNOW TO IDENTIFY SOCIAL ENGINEERING HACKING ATTACKS AND HOW TO PROTECT YOURSELF AGAINST THEM.

IN PERSON “Tailgating” is a popular way of entering a restricted physical location by exploiting people’s trust. This could be as easy as following someone with legitimate access or asking someone to hold open the door. A more sophisticated method could be to pretend to be a technician, a delivery person or a cleaning crew member. Wearing the right outfit and telling a convincing story might be all that is required to get in. Also be aware of devices such as flash drives or DVDs that are left behind in public spaces. These might contain malicious programs that can compromise your computer security. Curiosity could easily get you into trouble. ONLINE A social engineering hacker will use breaking news, popular culture, or other events to entice you to click malware links. Phishing emails are a cheap and easy way to reach a multitude of users; other ways include a popup that says your system has been infected and a simple download can fix the issue.

Social engineering hacking is gaining access to information, systems or physical locations using human psychology. The cybercriminal exploits fear, uncertainty, doubt – or the desire for free stuff. Instead of trying to find a software vulnerability, a social engineering cybercriminal might pose as an IT helpdesk to trick you into divulging your password. Cybercriminals increasingly use social engineering because they know the easiest way to access a system is through the person using it. Their preparation might consist of obtaining a company phone list or organizational chart on social networking sites like LinkedIn or Facebook. How could you fall victim to these types of tactics? ON THE PHONE A hacker might pretend to be a fellow employee or a trusted authority such as law enforcement or an auditor. They could scare you into disclosing sensitive information, or direct you to a web site to click a link that installs malicious software on your computer.

HOW DO WE PROTECT OURSELVES FROM SOCIAL ENGINEERING ATTACKS?

1. EDUCATON Awareness is the best

defense. Know that social engineering attacks exist and be familiar with the most commonly used tactics. 2. ASK QUESTIONS Whenever you are approached by someone you don’t know – in person or online – be cautious and careful with the information you share. If unsure, ask to verify and validate someone’s identity. 3. REPORT SUSPICIOUS ACTIVITIES If you suspect you might have fallen victim to a social engineering technique, report it to the proper authorities. Change your passwords immediately if you think they might have been compromised.

ISSUE 11 | OCTBOER 2017 5