Hi guys,
I hope this article finds you well! Today, I will talk about a topic that affects millions of people every year: social engineering. Despite the rise in cybersecurity awareness, social engineering attacks continue to be a major threat to individuals and businesses alike. In this article, I will explain what social engineering is in simple terms, provide some statistics, share real-world examples of people who have been affected, and offer tips on how to protect yourself.
Social engineering is a term used to describe the use of psychological manipulation to trick people into giving up their personal information or doing something they wouldn’t normally do. It’s a form of cybercrime that doesn’t rely on hacking or technical skills but rather on exploiting human nature. Social engineering can be extremely effective and can cause serious harm, so it’s important to understand what it is and how to protect yourself from it.
Statistics
According to the 2021 Data Breach Investigations Report by Verizon, 36% of data breaches in 2020 involved social engineering attacks. The report also found that 85% of social engineering attacks involved phishing, where attackers use fraudulent emails, text messages, or websites to trick victims into giving up their personal information.
Real-world Examples
- In 2016, a hacker used social engineering tactics to gain access to the email account of John Podesta, who was the chairman of Hillary Clinton’s presidential campaign. The hacker sent a phishing email to Podesta’s personal Gmail account, pretending to be from Google, and asking him to reset his password. Podesta fell for the trick, and the hacker was able to access his emails, which were later leaked online.
- In 2020, a teenager in the UK posed as a bank employee to trick an elderly woman into giving him her debit card and PIN. The teenager called the woman, pretending to be from her bank, and told her that there was suspicious activity on her account. He then convinced her to give him her card and PIN so he could “cancel” the transactions. The teenager later used the card to make unauthorized purchases.
- In 2018, a group of cybercriminals used social engineering tactics to steal $1.3 million from a cryptocurrency exchange in Japan. The attackers created fake websites and social media accounts, posing as representatives of the exchange, and convinced employees to download malware that gave them access to the exchange’s systems.
How Easy is it?
Social engineering can be surprisingly easy, as it preys on people’s natural tendencies to trust others and want to help. Attackers can use a variety of tactics, including phishing emails, phone calls, and social media messages, to trick their victims into divulging personal information or performing actions that they wouldn’t normally do.
How to Protect Yourself
- Be wary of unsolicited emails or messages. If you receive an email or message from someone you don’t know, be cautious about clicking on any links or providing any personal information.
- Verify requests for personal information. If someone asks for your personal information, such as your social security number or bank account information, be sure to verify their identity first. Call the company directly or use a trusted website to do so.
- Use strong passwords and two-factor authentication. Make sure your passwords are difficult to guess, and use two-factor authentication whenever possible to add an extra layer of security.
- Stay up-to-date on the latest threats. Keep yourself informed about the latest social engineering tactics and stay alert to any suspicious activity.
Conclusion
Social engineering is a serious threat that can cause significant harm if you fall victim to it. By understanding what it is and how to protect yourself, you can minimize your risk and stay safe online. If you have any concerns about social engineering or other privacy-related issues, don’t hesitate to contact our privacy care team using the contact us section in the Incognito app. One of our experts will be able to advise you and help you stay secure online.
Talk to you soon, and all the best,
Max Roberts,
Incognito Privacy Care Team