JD Systems Blog

JD Systems has been serving the Valencia area since 2007, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Would Your Users be Tricked by Social Engineering?

Would Your Users be Tricked by Social Engineering?

The term social engineering may not seem nearly as intimidating as other cybersecurity terms like ransomware or denial of service. Don’t be deceived! Some of the biggest threats to your company’s data and network security use social engineering to manipulate targets into taking a specific action - like disclosing personal information that can be stolen and exploited.

Often overlooked by the media in favor of major data breach events, there are few types of social engineering hacks that have the capability to devastate a business.

  1. Vishing: Given the fact that the number of people who fall for phishing attacks and other email scams has declined significantly, it was only a matter of time before hackers found an alternative avenue to exploit their targets. After abandoning it a few years ago in favor to digital scams, vishing - a fraudulent voice call that seeks personal information - have once again returned as a favorite among hackers and thieves.
  2. HTTPS: SSL certificates used to ensure that a website was legitimate and secure enough to protect your personal information. Websites that have ‘https’ no longer signifies security, as hackers have begun using websites that give away SSL certificates for free and using them to lull victims into a false sense of security. To make sure a website is secure, you’ll want to look for indication of an extended validation SSL (EV-SSL) which are not offered for free! EV-SSLs are signified with a green bar.
  3. Website Copy-Cats: Scammers have become very skilled at making spoof websites that look and feel just like the authentic website but are actually littered with all typesof malware. For example, after the Equifax data loss event in June 2017, Equifax set up a website to help their clients who had their information compromised with the URL: equifaxsecurity2017.com. A spoof of that website, with the domain securityequifax2017.com, was so convincing - it even tricked Equifax themselves! A few things to keep an eye out for when trying to determine if a website is legitimate, include:
    1. Make sure the URL is correct.
    2. Avoid giving out information unless a site has an EV-SSL.
    3. Look for seals of trust from other IT security websites.
    4. Beware of misspellings, typos and broken English.
  4. Every Word Password Theft: There are a lot of hacking tools that will scan through databases - including every word in the dictionary. These tools significantly increase the likelihood that a password that includes an actual word will be cracked and exploited. The best practices are ones that mix numbers, letters and symbols that make no sense.

When it comes to digital threats, for every exploit or hack that is prevented, a few, more advanced ones are developed. The best way to keep your business, and it’s data, safe is to take proactive measures and execute safe internet practices all times - and that goes for your employees, as well! Would you like to learn more about how you can stay ahead of hackers? Call us at JD Systems.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, 20 July 2018

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Tip of the Week Best Practices Privacy Technology Cloud Hackers Google Microsoft Windows 10 Backup Business Productivity Hosted Solutions Software Business Computing Malware Browser Efficiency Email Mobile Devices Office Smartphones Internet Business Continuity Hardware Data Android Innovation User Tips Miscellaneous Upgrade Disaster Recovery Ransomware Workplace Tips Computer Small Business VoIP Chrome Network Security Cybercrime Smartphone Social Media Alert Windows Save Money Telephone Systems IT Services Microsoft Office App Automation Communication Business Management Managed IT Services Employer-Employee Relationship Server Holiday communications Law Enforcement Hacking Productivity Computers Collaboration Outsourced IT Passwords Virtualization Office Tips Facebook Network Health Spam Mobility Managed Service Provider Bring Your Own Device Social Engineering Office 365 Managed IT Services Money Application Bandwidth Marketing Operating System Cybersecurity Remote Computing Quick Tips Data Breach IT Support Gadgets Big Data Router Wi-Fi Mobile Device Management How To Data Backup The Internet of Things Lithium-ion battery Work/Life Balance Password Recovery Networking HaaS Private Cloud Saving Money Gmail Flexibility Website Google Drive Safety Mouse Remote Monitoring Avoiding Downtime Government Best Practice Unsupported Software Retail Redundancy Windows 10 Data Management Meetings Biometrics DDoS Robot IT solutions History Downtime Excel Computer Care Budget Cleaning Data Security Risk Management Data storage Samsung Automobile Artificial Intelligence Hiring/Firing Wireless Spam Blocking Value Fax Server End of Support Patch Management Mobile Computing Entertainment Two-factor Authentication Cloud Computing Scam Environment Internet Exlporer WiFi Word Phishing Bluetooth Physical Security Data Storage USB Worker Apps Public Cloud Settings Humor Virtual Reality Wearable Technology Battery Hybrid Cloud Best Available IT Plan Experience Shortcut Flash Smart Technology People Emails Legal Bloatware NarrowBand Training Running Cable WIndows 7 FENG Education IBM PDF Tablets Music Two Factor Authentication Mobile Office Netflix Mobile Device Entrepreneur Black Market Wireless Technology Data Recovery Vendor Management Computing Infrastructure Social Networking Analytics Supercomputer Information Technology Hard Drives Software Tips Troubleshooting Chromecast Sync IT Support Video Games Internet of Things Update Charger Managing Stress OneNote Applications Users Current Events Memory Uninterrupted Power Supply BYOD Telephony Electronic Medical Records Scalability Google Docs Distributed Denial of Service Root Cause Analysis Worker Commute Customer Relationship Management Files Knowledge Books Skype Save Time Instant Messaging Voice over Internet Protocol Customer Service Loyalty PowerPoint Network Congestion Tech Support User HBO Emergency Start Menu Programming Monitor Hacker Multi-Factor Security Streaming Media Data loss SaaS IT Consultant Analyitcs Shadow IT Outlook Going Green Tools Employer Employee Relationship SharePoint Windows 10s Reputation Trending Screen Mirroring Content Internet exploMicrosoft Leadership Techology Frequently Asked Questions Laptop Computer Accessories Apple Vulnerability Search Customer Advertising Science Cast Audiobook Assessment Tip of the week Transportation Sports Touchpad Human Resources Managed IT eWaste Solid State Drive How to Television Windows 8 Encryption Politics Maintenance Windows Server 2008 Benefits webinar VPN Botnet User Error Audit Public Computer Tablet Notifications Consultant IT Management Keyboard Windows 7 Firewall Conferencing Text Messaging YouTube Travel Rootkit Computer Fan Social Relocation

Blog Archive

Upcoming Events

No events