Are you susceptible to a ‘social engineering' attack?
'In a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems,' the Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) explains of these types of scams. Attackers may then use that information to pose as a trusted figure working at, or with, the victim's company in order to gain access, CISA says.
Specific examples of Scattered Spider's social engineering tactics include 'impersonating employees or contractors to deceive IT help desks into granting access,' or 'convincing help desk services to add unauthorized [multi-factor identification] devices to compromised accounts,' according to the FBI.
But social engineering can take many forms — and target everyday individuals, rather than just corporations.
'Typically, the elderly are the most vulnerable to social engineering, but they're not the only victims,' said John Young, a cybersecurity expert and the COO of encryption company Quantum eMotion America. 'Lonely people fall prey to romance scams; those who want instant gratification are vulnerable to get-rich-quick ploys; and otherwise savvy people who have a fear of missing out can get taken by investment scams.'
These types of attacks are also incredibly common. Scammers often contact potential victims through emails and texts (aka phishing and smishing scams) or sometimes over the phone, perhaps posing as a bank or an e-commerce company, and asking the victim to verify their personal information or account passwords.
Joseph Steinberg, a cybersecurity expert and the author of 'Cybersecurity for Dummies,' says these attacks exploit a weakness in the human brain.
'We're not wired to perceive threats from far away. … To survive, for most of history, we didn't have to worry about threats from someone invisible, 3,000 miles away,' Steinberg told Nexstar.
'But people have a tendency to trust technology more than other people,' he added. 'If I walk up to you in the street, and I told you your banker told me you need to reset your password, you'd never trust me. But if you get an email from what looks like [a bank]? That could be different.'
It's also getting harder and harder to differentiate social engineering attacks from legitimate interactions. Artificial intelligence has made it easier for hackers to both gather information on targets and carry out the attacks, as noted by the cybersecurity teams at such organizations as CrowdStrike, IBM and Yale University.
AI can even make it possible for bad actors to create deepfakes (i.e., synthetic photos, video or audio clips that appear nearly indistinguishable from authentic ones) to try and trick victims. Steinberg says he's seen this tactic demonstrated over the phone, with scammers using deepfake audio to mimic the voice of a victim's loved one asking for money or sensitive information.
'Every time I've seen it demonstrated it works,' he said. 'The AIs are that good.'
CISA offers a number of tips for preventing the likelihood of becoming a victim of social engineering attacks, including limiting the amount of personal information you share online, or contacting a bank/company directly (using a phone number provided by the company's official channels) after getting a suspicious email or text, to verify its authenticity.
Now that AI is in the mix, Steinberg also suggests coming up with a plan to verify the identity of their own family members — and most importantly their children — if they get a suspicious call from a person claiming to be a loved one.
'I'm … going to ask them some piece of information that only my child would know,' Steinberg said.
By understanding these tools, the likelihood of becoming a victim is at least minimized, if never completely eliminated.
'The most important thing is to internalize the fact that you're a target,' Steinberg said. 'If you believe that people may be trying to scam you, you just behave differently.'
Young, too, said a skeptical mindset is especially helpful for the vulnerable populations to adopt.
'I teach volunteer classes for AARP to older citizens, and when I explain that in the old days scammers were known as con artists, something clicks for them,' he said. 'It's true; the scammers of today are just another name for con artists who have been using persuasion and their social engineering skills since the beginning of time.'
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
The Hill
a day ago
- The Hill
Cause of death for celebrity chef Anne Burrell released
Celebrity chef Anne Burrell's death has been ruled a suicide, authorities confirmed Thursday. Representatives told Nexstar that Burrell, 55, was pronounced dead after being found unresponsive in her New York home in June. A 911 call report obtained by PEOPLE showed first responders were initially called to Burrell's home about a suspected cardiac arrest. Reports later indicated that Burrell may have died of a possible drug overdose. On Thursday, the New York City medical examiner's office confirmed to Nexstar that it had ruled Burrell died by suicide. Her death was labeled as 'acute intoxication' from the antihistamines diphenhydramine and cetirizine; ethanol, which can be found in alcohol; and amphetamine, which can be used to treat ADHD. The New York Times previously obtained a document explaining that Burrell had been found unconscious and unresponsive in the shower, 'surrounded by approximately [100] assorted pills.' Burrell was well-known for her appearances on multiple Food Network shows. She grew up in upstate New York and attended Canisius College in Buffalo, earning a degree in English and communications, her Food Network biography reads. She later attended the Culinary Institute of America and the Italian Culinary Institute for Foreigners. Burrell used that knowledge to work in some of New York City's top restaurants. She spent more than three years teaching at the Institute of Culinary Education before returning to restaurant life, according to a statement from her representation. Burrell made her Food Network debut on 'Secrets of a Restaurant Chef.' She and her iconic spiky hair quickly became fan-favorites, and she went on to appear in multiple shows on the network. That includes participating as a competitor on 'Iron Chef America,' a judge on 'Chef Wanted,' the host of 'Worst Cooks in America,' and as a guest star on 'Beat Bobby Flay.' You may also recognize her from 'Chopped,' 'Food Network Star,' and 'House of Knives.' Burrell's work can also be found on bookshelves. She wrote two cookbooks, 'Cook Like a Rock Star' and 'Own Your Kitchen,' both of which became New York Times best-sellers. 'Anne was a beloved wife, sister, daughter, stepmother, and friend — her smile lit up every room she entered,' Burrell's family said in a statement shared with Nexstar last month. 'Anne's light radiated far beyond those she knew, touching millions across the world. Though she is no longer with us, her warmth, spirit, and boundless love remain eternal.' Recently, Burrell had been partnering with CareRite Centers to bring a Signature Culinary Excellence program to the company's rehabilitation and nursing centers to '[redefine] what it means to dine well while healing.' Press releases show she had worked with facilities in Florida, Tennessee, New Jersey, and New York this year. She is survived by her husband, Stuart Claxton, whom she married in 2021. They share a son, Javier, from Claxton's previous marriage.
The Hill
2 days ago
- The Hill
WATCH: Texas coach arrested after assault during youth softball game
MCALLEN, Texas (KVEO) — An umpire's call during a Texas softball game resulted in one coach behind bars — and not those of the dugout. On Saturday night, during the last game of the evening at the Protect Our Nation's Youth International Softball League in McAllen, Texas, parents were in the stands watching their girls play a softball game. During one of the plays, the umpire called an obstruction. One of the team's coaches became upset by the umpire's call and rushed onto the field to voice his disagreement. The coach, identified as Joel Gonzalez, approached the female umpire who made the call. A criminal complaint obtained by Nexstar's KVEO states that the umpire began to explain her ruling to Gonzalez, but he was displeased by this and began using foul language. As a result of his behavior, she ejected him from the game. KVEO obtained video of the incident which shows the two walking away from each other and then meeting up again near home plate. This time, however, Gonzalez nudged the woman with his chest. The other umpire on the field was the female umpire's father. When he saw what was happening, he ran to home plate where the assault was taking place to separate the man and get him off the field. The male umpire began leading the man with one arm back to his dugout. When Gonzalez refused to stand down, the female umpire called off the game, separated herself from the disagreement, and walked to the other side of the field. When the umpire had her back turned to home plate, video appears to show Gonzalez running over and slamming into her with his body, causing her to fall to the ground. Gonzalez was seen wearing a red, white, and blue shirt in the video, the same shirt that appeared in his mugshot. Shortly after the game was called, Gonzalez was arrested by McAllen Police and charged with assault causing bodily injuries. The umpire who was pushed to the ground told authorities that she was holding her umpire helmet at the time of the assault, and pinched her fingers in the metal wire on it when she fell. KVEO reached out to PONY Softball League for a statement regarding the incident. A representative from the organization said that appropriate actions were taken and that Gonzalez will never be allowed to coach on their fields again. The representative noted that the day after the incident the organization requested extra security at the ballpark to ensure that parents and players felt safe. Additionally, Dalinda Gonzalez-Alcantar, CEO of the McAllen Boys & Girls Club issued the following statement after the incident: 'The safety and well-being of our community at Boys & Girls Club of McAllen (BGCM) is our highest priority. We take every situation that might impact the safety or well-being of individuals very seriously. We are aware of a physical altercation between adults at the Softball Complex during a sports tournament. At the time of the incident all protocols were followed and the situation was quickly de-escalated onsite and contained by law enforcement. While the individuals involved were not directly associated with BGCM, we unequivocally do not condone the alleged use of harmful words or actions on Club premises. Our organization will continue to provide the highest level of safety of all participants and attendees.'
The Hill
2 days ago
- The Hill
Police in Wisconsin looking for missing 22-year-old grad student
LA CROSSE, Wis. (WFRV) — Police in Wisconsin are asking for help in finding a missing 22-year-old grad student who disappeared Sunday. According to police, Eliotte Heinz was last seen walking along Front Street South in La Crosse, Wisconsin, around 3:20 a.m. on July 20. Police, as well as her family and friends, have tried unsuccessfully to find her. 17-year-old girl becomes second suspect arrested in Pulaski Memorial Park shooting Heinz is a graduate student at Viterbo University, a private Catholic college in La Crosse, reported Nexstar's NewsNation. Heinz is described as 5 feet, 4 inches tall, weighing 120 pounds, with blonde hair and blue eyes. She was last seen wearing a white T-shirt and jean shorts. Anyone with information is asked to call police at 608-782-7575. No additional details were provided. 'If you have seen anything, even if it's small, anything at all, please call La Crosse Police Department,' Heinz's mother, Amber, told WISN.
