According to Verizon’s 2012 Data Breach Investigation Report, Social engineering techniques are increasing in popularity, associated with over half of the breaches investigated. This reminds us the importance in understanding how to avoid becoming a victim of social engineering. Phishing, a form of social engineering, is one of the most popular cyber attacks used today.
- IID (Internet Identity®) reported in their recent eCrime report that there was a 333 percent increase in phishing attacks impersonating email service providers from Q4 2011 to Q1 2012.
- Joseph Steinberg, C.E.O. of Green Armor Solutions, a leading provider of online security technology, recently discussed congressional testimony that stated that phishing remains the most popular attack method that criminals use to infect victims’ computers.
Four tips to staying protected
1. Do not click on links within your email, especially if they require a log-in or personal information. It is always a best practice to go to the actual website of the trusted company by entering in the URL manually, then logging in as you normally would. If this call is legitimate, there will be a message in your account.
2. Do not download attachments you are not 100 percent sure come from a trusted representative in your company. You should never download attachments from senders you are not familiar with, but even if you are familiar with the sender, contact that sender to verify the document is safe and was intended for you before you download it.
3. Think logically. If you receive an urgent call to action that does not make sense or seems random, verify the urgency before acting on any requests. These attackers want you to act fast, so they provide scenarios that equate to emergencies.
4. Immediately report, then delete any messages that fall under phishing attacks.