Before we identify the social engineering threat, we must first define what this means. This is a strategy used by cyber attackers by relying heavily on human interaction and often involves tricking people into breaking standard security practices. This type of threat is one of the major threats facing organizations, schools and many institutions who have embraced the use of technology in their day to day operation. There are many types of risk associated with social engineering, but in this paper, I shall focus on two social engineering threats and how they can be mitigated. The two types are:
i. Phishing
This is social engineering threat in which the attacker sends fraudulent emails purporting to be from reputable companies with the intention of persuading unsuspecting online users to reveal crucial personal information such as passwords, credit card numbers and other valuable personal information. This phishing usually come in the form of spam and have characteristics such as of link shorteners that redirect users in the web to external websites that seem to appear legitimate. Furthermore, phishing is very much inclined to seeking to obtain personal information and often prompts the user to fill in details of their personal data. To make matters worse, they threaten and instill fear on online users. They are often found many forms of websites and other social media sites where the is a huge traffic.
Mitigating the threat of phishing
To reduce phishing, any online user must observe some responsibility by avoiding the temptation to open emails with unknown recipients, avoid opening attachments in emails of unknown origin, use a reputable antivirus software, always have a regular backup on an external drive avoid paying any ransom requested by the attackers. For companies, however the need to train their employees and test them to keep them on toes ("Social Engineering Attacks: Common Techniques & How to Prevent an Attack," 2017).
ii. Pretexting
This is a form of social engineering in which a person uses deceptive means to obtain classified or privileged. It involves a well-orchestrated fraud in which the perpetrator pretends to be genuinely in need of accurate information to confirm the identity of the person he is talking to. Pretexting might take a longer period with the attacker building trust with the targeted individual before asking a series of questions to gather the information. This differs with phishing as they focus on building a false sense of confidence with the victim unlike them which threaten the victim to provide the needed information (Tripwire, 2017).
Mitigating Threat pretexting
The first step in doing so is avoiding giving personal information either by mail or on the phone unless one is completely sure of the other person they are talking to. Also as a person be on the lookout always by learning new strategies of financial institutions about sharing of personal information. Keeping personal information in a safe place is also important as well as alerting the people close to you on dangers of pretexting ("Eight Ways to Defend Against Pretexting," 2017).
Conclusion
Social engineering threat is a real problem especially in the areas which employ the use of technology. Based on that it is, therefore, necessary for an individual to learn the various forms of threats online through identifying their characteristics. Educating and teaching others is also crucial in the fight against these attacks. While we might not eliminate this menace, we as user can minimize the risk involved by observing measures put in place to deal with them
References
Eight Ways to Defend Against Pretexting. (2017). eWEEK. Retrieved 17 May 2017, from http://www.eweek.com/security/eight-ways-to-defend-against-pretextingSocial Engineering Attacks: Common Techniques & How to Prevent an Attack. (2017). Digital Guardian. Retrieved 17 May 2017, from https://digitalguardian.com/blog/social-engineering-attacks-common-techniques-how-prevent-attackTripwire, I. (2017). 5 Social Engineering Attacks to Watch Out For. The State of Security. Retrieved 17 May 2017, from https://www.tripwire.com/state-of-security/security-awareness/5-social-engineering-attacks-to-watch-out-for/
Cite this page
Essay on Social Engineering Threat. (2021, Jul 01). Retrieved from https://midtermguru.com/essays/essay-on-social-engineering-threat
so we do not vouch for their quality
If you are the original author of this essay and no longer wish to have it published on the midtermguru.com website, please click below to request its removal:
- Questions and Answers on Identification of the Potential Causes of a Problem
- Implementation of Traditional Filing and Records Keeping System by Organization - Paper Example
- Personal Statement Example: MSc in Software Engineering
- Paper Example on Big Data Ethics
- Security Technology - Essay Sample
- Sony's Financial Data: Assets, Liabilities, Cash Flow & More - Essay Sample
- Infrastructure: Barrier to E-Commerce Growth & Development - Essay Sample
