This is the final part in our ongoing series on social engineering. In this blog, we give you methods to prevent social engineering attacks.
According to skilled social engineers, our physical stance ‘leaks’ emotional content, which can indicate deceit and malintent. With voice phishing, you can at least make out gaps and voice modulation that can expose a scam. But what about BEC and phishing? There is just a screen, devoid of facial expressions and body language. How can you spot and prevent social engineering attacks without personal interaction?
Read on to learn how.
Look at all communication with a critical eye
If they can study you, you can study them. Carefully analyse each email that comes into your inbox. Are there silly mistakes you would not expect from the person sending you the email? Is there any urgency created? Check the email’s “From” name and email ID. Does it ‘feel’ odd? Go with your gut and simply ignore such mails. If it was in fact a valid mail, the sender will communicate with you again.
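The “From” name, email ID and urgency checks described above can also be run automatically over a message's headers. The following is an added example, not part of the original post or of any Logix product; the sample message, the `KNOWN_SENDERS` directory and all domains are constructed placeholders, and the Reply-To check goes one step beyond the checks named in the text.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message; names and domains are placeholders.
SAMPLE = """\
From: "Anita Rao" <anita.rao@example-payments.test>
Reply-To: accounts@collect.test
To: finance@example.com
Subject: URGENT: release the vendor payment today

Please process this immediately.
"""

# Assumption: a directory of known senders and the domain each one mails from.
KNOWN_SENDERS = {"anita rao": "example.com"}

URGENCY = re.compile(r"\b(urgent|immediately|asap|right away|final notice)\b", re.I)
ADDRESS = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")

def domain_of(address):
    return address.rpartition("@")[2].lower()

def review_message(raw, known_senders=KNOWN_SENDERS):
    """Return the reasons a message deserves a second look (empty list if none)."""
    msg = message_from_string(raw)
    name, address = parseaddr(msg.get("From", ""))
    findings = []
    # A familiar name attached to an unfamiliar domain (display name spoofing).
    expected = known_senders.get(name.strip().lower())
    if expected and domain_of(address) != expected:
        findings.append("known name, unexpected domain")
    # The visible name shows one address while the mail comes from another.
    shown = ADDRESS.search(name)
    if shown and shown.group(0).lower() != address.lower():
        findings.append("display name shows a different address")
    # Replies would go somewhere other than the apparent sender.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and domain_of(reply_to) != domain_of(address):
        findings.append("reply-to on another domain")
    # Manufactured urgency in the subject or body.
    body = msg.get_payload() if not msg.is_multipart() else ""
    if URGENCY.search(msg.get("Subject", "") + " " + body):
        findings.append("urgent wording")
    return findings

if __name__ == "__main__":
    for reason in review_message(SAMPLE):
        print("-", reason)
```

A finding is a prompt to verify the sender through another channel, not proof of fraud; mailing lists, for example, legitimately set a Reply-To on another domain.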
If it seems ridiculous, it really must be. Why would someone suddenly freeze your account? How could you win a lottery prize if you didn’t even buy a ticket? Take a step back and pause. Take a second look at the email. You can probably spot inconsistencies in the email that will tell you it’s a scam. You reacting to their manipulation is the only power social engineers have over you. Take it away and all their scamming attempts will fail.
Technical steps
Being ultra-careful all the time is an overhead you can’t deal with. Security cannot become your full-time concern. So, there are security mechanisms you can put in place that add an additional layer of security.
- Have a strong password policy in place.
- Implement multi-factor authentication.
- Have protocols in your organization for releasing funds.
Purchase third party security services
What if you could rely on a partner who could cover all the bases for you? You could focus on your work and business and let professionals handle the security aspects.
Our Email Advance Threat Protection service accurately detects email-borne threats such as Ransomware, BEC, Domain Spoofing, Advanced Malware, Spear Phishing & Display Name Spoofing. With our DMARC Monitor service, we specialize in scanning for domain spoofing using the Domain Authentication techniques of rDNS, SPF & Sender ID, DKIM & DMARC.
At Logix, we believe in strong gatekeeping. If threats don’t ever enter your systems, you don’t have to spend time and resources fighting to throw them out. Logix has security solutions for protecting your email, your systems, and all the end points in your security fabric.