Social Engineering: The Silent Killer

When one thinks of a cyberattack, the typical assumption is one thing: a virus. Whether it be ransomware or a Trojan Horse, it is always inferred that some sort of malware has infected your computer, effectively “hacking” it. Social engineering, however, entirely subverts that expectation.

While the traditional “hacker” channels their technological prowess through elaborate scripts or programs, cybercriminals that utilize social engineering, or “social engineers,” take a much different approach. In fact, the methodology behind social engineering is ominously simplistic. Instead of manipulating technology, social engineers manipulate people themselves. Norton, a popular antivirus company, breaks down the process that a social engineer would take when attacking a victim in the following steps:

1. Preparation: The social engineer gathers information about their victims, including where they can access them, such as on social media, email, test message, etc.
2. Infiltration: The social engineer approaches their victims, usually impersonating a trustworthy source and using the information gathered about the victim to validate themselves.
3. Exploitation: The social engineer uses persuasion to request information from their victim, such as account logins, payment methods, contact information, etc., that they can use to commit their cyberattack.
4. Disengagement: The social engineer stops communication with their victim, commits their attack, and swiftly departs.

As you can see, a victim’s personal information is vital for a social engineer. It is the foundation that they need in order to advance their cyberattack. While the effects of social engineering can be devastating, as your accounts can be compromised and potentially never returned, there are ways that this can be prevented.

1. Avoid clicking suspicious or unrequested links
2. Enable two-factor authorization on all of your accounts
3. Use passwords that are not easy to guess.
4. Avoid oversharing information online.

Redact can make preventing a social engineering attack very easy by deleting what a social engineer is looking for: information. By using Redact, you can delete your posts and messages on various social media sites, ranging from popular platforms such as Twitter, Facebook, Discord, and more. To get ahead on your online security, download Redact at redact.dev/download.