Social Engineering Is A Threat To Your Business

Wikipedia defines Social Engineering in the context of information security as “… psychological manipulation of people into performing actions or divulging confidential information…”

Social engineering attacks on people and organizations are so successful because people have a natural inclination towards trust. Cybercriminals also appeal to human emotions in their communications: typically fear, greed, curiosity, helpfulness, and urgency. Because of this, they manage to persuade people to divulge confidential information, transfer money, or inadvertently install malware.

Types of Social Engineering:

Some of the most common types of Social Engineering are:

Phishing:  This technique uses an email (or other electronic communication) disguised as originating from a trustworthy source such as a bank, delivery company or even a co-worker or friend.

Spear Phishing: Unlike regular Phishing, this involves an email that is specifically targeted at an individual or business.

Baiting: In this case, a reward is offered to entice the victim into taking some action.

Malware: Here, a victim is falsely advised that malware is installed on their computer.  All they need to do is pay the caller to have the malware removed.

Pretexting: In this case victims are tricked into believing a false identity and providing confidential information.

Vishing:  An urgent voicemail advises the target that if they don’t act quickly they may be arrested or face some other risk.   

Water-Holing: In this method, malware is injected into a website and delivered to any of its visitors.

How to Protect Your Organization

According to Gartner research, “People affect security outcomes more than technology, policies or processes.”

A regular, ongoing testing, education and reporting program for your employees on how to detect social engineering attempts is your best line of defense.  It is important to note, however, that everyone’s participation needs to be mandated and monitored by management if such a program is to be effective. 

BSC offers such a program at a very affordable price for small and medium organizations.  Learn more about our on-line Phishing Security Testing & Training Service here.

April 29, 2021 2:48:20 PM

Bill Boisvenue
