2 min read

Social engineering; still one of the most successful tactics

Luana PASCU

September 21, 2016

Social engineering; still one of the most successful tactics

After all the talk and research about how to stay safe online, you”d expect educated behavior among web surfers. Surprisingly, research shows differently. In fact, they are just as oblivious to malware as they”ve always been. What”s more, they still fall victim to social engineering hacks, proving a serious vulnerability when at the office.

Psychological manipulation has made hackers billions of dollars. Vodafone statistics show users are getting less aware by the year. In 2015, as many as a third of phishing emails were opened, and 12 percent were successful because users either clicked the URL or downloaded the attachment. Some 63 percent of breaches investigated were caused by a weak or stolen password by social engineering scams urging users to reset their banking password.

Almost all breaches follow the same nine patterns: miscellaneous errors (17.7%), insider and privilege misuse (16.3%), physical theft and loss (15.1%), denial of service (15%), crimeware (12.4), web app attacks (8.3%), point-of-sale intrusions (0.8%), cyber-espionage (0.4%), payment card skimmers (0.2%), everything else (13.8%).

Companies don”t even have “a half-decent defense,” the report claims, because they have failed to thoroughly detect and understand the patterns, industries and errors. Once businesses understand this and keep track of errors, they will improve deployment and cut costs. If hackers take advantage of new technologies such as the internet of things and mobile, businesses need to think ahead to better protect their networks.

67 specialists from law enforcement, government and security service providers investigated more than 100,000 incidents, along with 2,260 confirmed data breaches in 82 countries to compile Vodafone”s 2016 Data Breach Investigations Report.

While businesses rely on outdated strategies that take weeks to detect an attack, hackers are improving their skills, causing costly system breaches in less than a few minutes in 93 percent of cases, they found. Data breaches are not just about losing information — in the long run they affect reputation and involve expensive fines and restitutions.

Obviously hacker behavior can”t be predicted, but some measures that could help as a first layer firewall. First of all, if you”ve already experienced a breach, keep track of the errors throughout the investigation and understand what went wrong and how it could have been avoided. Keep educating employees on best practices at the office and ask them to implement two-factor authentication. Allow access on a need-to-know basis to prevent employees from sending confidential data to the wrong recipient. If you detect a breach, stay alert to fix it as soon as possible and encrypt all valuable data.

tags


Author



Right now

Top posts

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Supply Chain Attack Detected in PyPI Library Supply Chain Attack Detected in PyPI Library
Silviu STAHIE

August 02, 2021

1 min read
Scam baiter Jim Browning bamboozled by scammers into deleting his own YouTube channel Scam baiter Jim Browning bamboozled by scammers into deleting his own YouTube channel
Filip TRUȚĂ

August 02, 2021

3 min read
Instagram influencer Hushpuppi admits his part in scams that stole more than $24 million Instagram influencer Hushpuppi admits his part in scams that stole more than $24 million
Graham CLULEY

July 30, 2021

2 min read