JD Systems Blog

JD Systems has been serving the Valencia area since 2007, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Would Your Users be Tricked by Social Engineering?

Would Your Users be Tricked by Social Engineering?

The term social engineering may not seem nearly as intimidating as other cybersecurity terms like ransomware or denial of service. Don’t be deceived! Some of the biggest threats to your company’s data and network security use social engineering to manipulate targets into taking a specific action - like disclosing personal information that can be stolen and exploited.

Often overlooked by the media in favor of major data breach events, there are few types of social engineering hacks that have the capability to devastate a business.

  1. Vishing: Given the fact that the number of people who fall for phishing attacks and other email scams has declined significantly, it was only a matter of time before hackers found an alternative avenue to exploit their targets. After abandoning it a few years ago in favor to digital scams, vishing - a fraudulent voice call that seeks personal information - have once again returned as a favorite among hackers and thieves.
  2. HTTPS: SSL certificates used to ensure that a website was legitimate and secure enough to protect your personal information. Websites that have ‘https’ no longer signifies security, as hackers have begun using websites that give away SSL certificates for free and using them to lull victims into a false sense of security. To make sure a website is secure, you’ll want to look for indication of an extended validation SSL (EV-SSL) which are not offered for free! EV-SSLs are signified with a green bar.
  3. Website Copy-Cats: Scammers have become very skilled at making spoof websites that look and feel just like the authentic website but are actually littered with all typesof malware. For example, after the Equifax data loss event in June 2017, Equifax set up a website to help their clients who had their information compromised with the URL: equifaxsecurity2017.com. A spoof of that website, with the domain securityequifax2017.com, was so convincing - it even tricked Equifax themselves! A few things to keep an eye out for when trying to determine if a website is legitimate, include:
    1. Make sure the URL is correct.
    2. Avoid giving out information unless a site has an EV-SSL.
    3. Look for seals of trust from other IT security websites.
    4. Beware of misspellings, typos and broken English.
  4. Every Word Password Theft: There are a lot of hacking tools that will scan through databases - including every word in the dictionary. These tools significantly increase the likelihood that a password that includes an actual word will be cracked and exploited. The best practices are ones that mix numbers, letters and symbols that make no sense.

When it comes to digital threats, for every exploit or hack that is prevented, a few, more advanced ones are developed. The best way to keep your business, and it’s data, safe is to take proactive measures and execute safe internet practices all times - and that goes for your employees, as well! Would you like to learn more about how you can stay ahead of hackers? Call us at JD Systems.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, 23 September 2018

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Tip of the Week Best Practices Privacy Technology Cloud Hackers Google Windows 10 Microsoft Backup Business Software Productivity Business Computing Hosted Solutions Malware Efficiency Browser Business Continuity Smartphones Hardware Email Mobile Devices Office Internet Android User Tips Miscellaneous Data Innovation Workplace Tips Disaster Recovery Ransomware Computer Upgrade Small Business VoIP Chrome Network Security Cybercrime Alert Smartphone Social Media Employer-Employee Relationship Server Telephone Systems Holiday Windows App Automation Business Management Save Money Managed IT Services IT Services Microsoft Office Communication Virtualization Law Enforcement Productivity Computers Collaboration Outsourced IT communications Hacking Office Tips Facebook Network Health Passwords Bandwidth Marketing Spam Bring Your Own Device Office 365 Money Mobility Managed Service Provider Managed IT Services Social Engineering Operating System Cybersecurity Remote Computing Quick Tips Application Safety Networking Saving Money Website Data Breach Wi-Fi Router Mouse Mobile Device Management IT Support The Internet of Things Gadgets Work/Life Balance Password Recovery Big Data How To Data Backup HaaS Private Cloud Flexibility Gmail Google Drive Lithium-ion battery Settings Virtual Reality Word Battery Wearable Technology Phishing Mobile Computing WiFi Data Storage Government Retail Best Practice Bluetooth Data Management Meetings USB Biometrics DDoS Robot IT solutions Downtime History Avoiding Downtime Humor Computer Care Unsupported Software Budget Redundancy Cleaning Windows 10 Risk Management Data storage Samsung Automobile Remote Monitoring Artificial Intelligence Hiring/Firing Wireless Fax Server Value End of Support Patch Management Two-factor Authentication Data Security Entertainment Internet Exlporer Environment Scam Excel Spam Blocking Physical Security Worker Apps Cloud Computing Public Cloud YouTube Text Messaging Firewall Vulnerability Rootkit Cast Assessment Relocation Social Shortcut Tip of the week Experience Hybrid Cloud NarrowBand Legal People Bloatware Managed IT Smart Technology Solid State Drive Training Education Television Running Cable Science Windows Server 2008 Music webinar PDF Wireless Technology Mobile Device Mobile Office Black Market Entrepreneur Botnet Two Factor Authentication Audit Vendor Management IT Management Computing Infrastructure Public Computer Human Resources Social Networking Windows 8 Hard Drives Windows 7 Troubleshooting Conferencing Information Technology Chromecast Video Games Internet of Things Travel Computer Fan Charger IT Plan Applications Tablet Consultant Memory Flash Emails Uninterrupted Power Supply Scalability Electronic Medical Records FENG Worker Commute IBM Distributed Denial of Service Files Customer Relationship Management Best Available Books Netflix Save Time Instant Messaging Data Recovery WIndows 7 Software Tips Supercomputer Customer Service Tech Support Tablets Sync Emergency IT Support OneNote Monitor Programming Update BYOD Current Events Streaming Media Shadow IT Analyitcs Telephony Analytics Employer Employee Relationship Root Cause Analysis Going Green SharePoint Reputation Google Docs Managing Stress Users Content Knowledge Internet exploMicrosoft Techology Skype Computer Accessories Laptop Search Loyalty Apple Customer Voice over Internet Protocol HBO Audiobook Network Congestion Advertising Sports Start Menu Transportation Data loss Touchpad How to SaaS eWaste Multi-Factor Security Maintenance Outlook Politics IT Consultant Encryption VPN User Tools PowerPoint Benefits Windows 10s Screen Mirroring User Error Trending Frequently Asked Questions Keyboard Leadership Notifications Hacker

Blog Archive

Upcoming Events

No events