Social engineering tactics let hackers take cyber attacks to a whole new level by focusing on a specific target. This kind of special attention and extra detail can often be just enough to fool users into clicking, downloading, or otherwise helping a hacker get exactly what they want.
Here are 5 of these scams you should know how to spot and avoid.
- Phishing – The most common type of social engineering scam, phishing is typically done through email. By posing as a financial institution or government agency, hackers send out urgent-seeming emails that contain malicious attachments or embedded links that, when clicked, release malware onto your system.
- Baiting – Like phishing emails, baiting emails often appear to come from a legitimate source. Rather than relying on scare tactics, these emails instead offer the target some sort of incentive to open attachments or click on links, like a free gift card or a free mobile phone or tablet.
- Tailgating – This low-tech tactic is still surprisingly common. By pretending to be a fellow employee who forgot their badge or a delivery person, a scammer will ask you to open a door for them, giving them access to workstations or restricted areas.
- Pretexting – Another form of phishing, this has a hacker pose as a C-level employee or a supervisor from another department and send an email asking for sensitive information like passwords. They might also send an attachment that contains a hidden malicious payload.
- Quid Pro Quo – Much like baiting, this tactic has hackers pose as someone who can help the target with a task in exchange for information. Typically, this ruse involves the hacker pretending to be IT support, offering to fix a non-existent problem in exchange for login credentials.