Social Engineering: The Human Hack

15/01/2016 Filed under IT, Uncategorised

Contrary to popular belief and many media stories, IT systems are not easy things to hack. People, on the other hand, are a different matter.

The easiest way to gain unauthorised access to an IT system is to trick the people who use the system into providing personal information to allow the hacker to gain access – this is known as Social Engineering.

No matter how tightly locked down your systems may be the human element can be their undoing.

So, what can you do about it? How can you protect yourself and your company?

 

The first line of defence is a healthy dose of scepticism; when in doubt, check them out!

  • Be immediately suspicious of unsolicited phone calls or emails from people requesting information about you or your company.
  • Never provide passwords to people claiming to be IT support unless you are absolutely certain you know who you are talking to.
  • Be on the lookout for emails that appear to be from a regular contact but where the language style or appearance are different from usual.
  • Never use passwords that are based on your personal information such as your partner or pet’s name.
  • If you have the slightest doubt about someone’s authenticity, take a couple of minutes to check with your manager or call the company the person claims to represent.

 

Loose lips sink ships…and companies.