Can you expand a bit more on the threat posed by malicious social engineering?

Microsoft calls your office referencing a security threat you recognize as very recently being in the news. The Caller ID shows “Microsoft, Redmond, WA” and the representative is very well spoken and pleasant. He has an excellent answer for every cynical question you ask, and emphasizes the urgency of the situation. He states that Microsoft takes its commitment to the security of its customers very seriously, and this is why they’re contacting licensed owners of Windows 7 Professional to immediately patch this critical security flaw. He just needs to walk you through going to a website to install a remote access agent…

What do you do?

This is the hallmark of a current targeted social engineering scam that has so far resulted in many thousands of systems and networks being compromised, with immeasurable consequences. What’s worse is that they appear to actually be “helping” you when they connect and even thank you when the installation is complete. What you don’t know is that they’ve secretly installed a remote access application in the background so that they can download your files and data at their leisure, and you let them do it. Don’t think it can happen to you? Trust me, it can. It’s truly amazing how even some of the brightest and most skeptical people can be manipulated into divulging sensitive information or even inadvertently assisting a hacker with gaining access to a system or network.

Malicious Social Engineering can take many forms, and hackers are getting better and better at it. Whether it’s in the form of a phone call as detailed above, or an e-mail, or a website link that takes you to a completely legitimate looking banking site to “update your credentials”, they invest quite a bit of money and time to make it look and sound “just right”. Think about it: it’s far easier and less time consuming to fool or convince a user to give up their password or remote access credentials than to try to hack them. And given how many IT departments and support firms set up users as local administrators, that entry point can mean the keys to the kingdom for a savvy hacker.

So how do you combat this new security threat?

  • First and foremost, always question the validity and authenticity of any request that involves even the most innocuous security information.
  • Slow down. Hackers convey urgency and benefit when you act first and think later. If the message or call uses high-pressure tactics, be skeptical and always carefully review before acting.
  • Research the facts. Be suspicious of any unsolicited messages. If an email looks like it is from a company you deal with, do your own research. Go to the real company’s site directly or use a search engine or a phone directory to find their phone number.
  • Delete any request for financial information or passwords. If you get asked to reply to a message with personal information, it’s a scam.
  • Don’t click on questionable links. Research them yourself and maintain control by finding the website using a search engine to be sure you land where you intend to land. Hovering over links in email will typically show the actual URL at the bottom, but a good fake can still steer you wrong.
  • As stated above, if you receive a call from a seemingly legitimate company (Microsoft, HP, Dell) stating that they need to access your computer to update it, remove malware, etc., hang up. This is also a scam, where they impersonate a legitimate company and download your sensitive information in the background.
  • Again, ALWAYS be skeptical. If it looks too good to be true, 99.9% of the time IT IS…

If you have any questions about these or any threats, or the security of your systems or network, feel free to give us a call. And remember, you can always check the current Symantec ThreatCon level on our website by going here: https://techlinq.com/services/techlinq-security/.

Always be vigilant…
