Hackers aren’t nearly as nerdy as you think

Felicity Thompson
3 min read · Jul 4, 2020


Bermix Studio from Unsplash

Gone are the days when all cyber-threats came from a single nerd in a room writing code. The modern-day hacker does not need any programming experience to steal your personal details.

For “social engineers”, psychology is much more important.

Social engineering is mental manipulation aimed at getting people to disclose personal information, whether in person, online or over the phone.

What makes social engineering attacks so successful (and therefore damaging) is that you might not even realise you have given any information away.

Perhaps the most common form of social engineering is phishing emails, which pose as individuals or businesses that the receiver knows and trusts.

Senders piggyback on the trust you have with others and often include personal information to seem more genuine.

Phishing emails usually aim to coerce people into responding with personal information, but they can also include links that download malware which cripples your computer or contains disturbing material.

How to avoid falling victim to social engineers

Social engineers cannot be stopped just by keeping your antivirus software updated.

Stay humble

A somewhat surprising piece of information is that old people are not the most likely group to fall for social engineering attacks.

Research shows that we young people are so confident in our ability to suss out scammers that we are more likely to let our guard down.

Even if you are a technical genius, do not get overconfident and think you are immune to the manipulations of a social engineer.

Don’t follow suspicious links

This sounds obvious but bear with me.

Phishing emails can contain links to malware downloads — even in the sender’s email!

If you are not sure who an email is from, it might seem intuitive to click on their email address, but that is one way that many people inadvertently download viruses.

Harmful software can be stored anywhere, so always carefully read the URL, as it might have just one letter different from the website it is impersonating.

If you want to follow a link, it is much safer to try to find the website on your own rather than clicking on it.
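One way to automate the "one letter different" check described above, as an added example rather than anything from the original article. The trusted list, function names and sample links are constructed for illustration, and the check also catches a letter added or dropped, not only a letter swapped.

```python
from urllib.parse import urlsplit

# Constructed allow-list for this example; replace with the sites you actually use.
TRUSTED = {"paypal.com", "google.com", "medium.com"}

def edit_distance(a, b):
    """Levenshtein distance: single-character inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete ca
                           cur[j - 1] + 1,             # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute ca -> cb
        prev = cur
    return prev[-1]

def check_link(url, trusted=TRUSTED):
    """Return ('genuine' | 'lookalike' | 'unknown', matched trusted domain or None).

    The URL must include its scheme (https://...), otherwise no host is parsed.
    """
    host = (urlsplit(url).hostname or "").rstrip(".")
    labels = host.split(".")
    # Every parent domain of the host with at least two labels,
    # e.g. login.paypa1.com -> ["login.paypa1.com", "paypa1.com"]
    candidates = [".".join(labels[i:]) for i in range(len(labels) - 1)]
    for cand in candidates:
        if cand in trusted:              # the site itself or one of its subdomains
            return "genuine", cand
    for cand in candidates:
        for good in trusted:
            if edit_distance(cand, good) == 1:   # exactly one character off
                return "lookalike", good
    # Not on the list and not one character away: this check cannot vouch for it.
    return "unknown", None

if __name__ == "__main__":
    # Constructed sample links, not taken from any real campaign.
    for link in ("https://www.paypal.com/signin",
                 "https://login.paypa1.com/signin",
                 "http://gogle.com/",
                 "https://paypal.com.evil.example/"):
        print(link, "->", check_link(link))
```

An "unknown" result is not a safe result: the last sample link hides a trusted name inside a longer, unrelated domain, which a one-letter comparison does not catch.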

Question everything

As much as curiosity is (in my opinion) a constructive trait, it is often the trigger factor in successful social engineering attacks.

Methods such as “baiting” rely on curiosity to lead people to take risky actions.

Leaving a memory stick on the ground is a common example of baiting. The memory stick will usually contain malware that automatically downloads once inserted — which could destroy entire companies’ systems.

The best thing to do is treat any unsolicited contact with caution.

And that goes for people too.

Even if someone appears to be professional, verify their identity before giving away any information. Generally, if anyone offers you free services, that should be a cause for suspicion.

Keep your software up to date

I know I said it isn’t enough, but it is still important!

Anti-virus software, firewalls and filters are great at reducing spam or malware.

If you don’t have a private network, a VPN can help by encrypting your data so that no one else can read it.

Constantly changing your passwords and keeping them complicated and unique to each account is the best way to stop anyone from guessing them.

If you want to protect your data, it is important to remember that you might be the biggest vulnerability in your network.

Don’t get cocky, stay alert and remember that tech alone is not enough to stop the modern-day hacker.


Felicity Thompson

Freelance writer & researcher. Originally from London but travelling the world in pursuit of perpetual summer.