“Passwords are like underwear: don’t let people see it, change it very often, and you shouldn’t share it with strangers.”
– Chris Pirillo
What we’re talking about is different from social engineering within the social sciences. Pertaining to cybersecurity, social engineering is the manipulation of people into performing actions or divulging pertinent information. This is why this hack tends to be more insidious than the rest.
For this episode of ClearedCast, Greg Stuart, the owner and editor of vDestination.com dishes on why it’s detrimental to the individual, how you can prevent it, what to do if it happens to you, and even tells us a story of when his entire bank and children’s college savings accounts were wiped clean in a matter of 30 minutes.
Greg is a systems engineer by trade, but has worked a slew of different IT jobs throughout his career. He’s an expert in everything IT certifications, and has 20 years of experience under his belt, obtaining industry certs like A+, Network+, Security+, VMware, Certified Scrum Master, and so many others. He currently works as an IT Consultant both in the private and public sector, has his own podcast, and even has time after that to write articles at ClearanceJobs.com.
Greg got interested in IT initially after working in the intelligence arena. He joined the US Air Force as a Signals Intelligence (SIGINT) analyst and found himself working more in LINUX and was fascinated. He did everything from helpdesk, updating user passwords, to becoming the vExpert every year since 2011.
Seeing systems and infrastructure from all of these different vantage points gave him a well-rounded view on where we’re at cybersecurity wise in 2020 – where it’s certainly the focus of defense contractors and other types of organizations. It’s important to note that while adversaries are constantly targeting organizations, the individual is always at risk, too. He gives us an overview of social engineering and why it’s worse than other types of attacks.
The Progression of Social Networking
While social networking has become the norm for people around the world, it opens up opportunities that we might not want to welcome. When saying ‘social networking’, things like Facebook or YouTube came to mind, Then Instagram. Now Snapchat. But with so many applications in the palm of your hand today, any website has some type of networking capability in hopes of connecting humans, but really to collect data or sell you something.
Enter the cyber criminal.
Be Safe When You’re Being Social
ClearanceJobs recently released a white paper on safer social networking, especially during COVID-19 and discussed some tips to be mindful of while you’re operating online, including:
- ‘Think before you link’ with all of the fake profiles on public social networks
- Having a clean or sanitized public facing profile
- Watch out for scams over email, and use your companies simulated attacks as a reminder for your personal accounts
- Practicing good cyber hygiene overall across the entire internet
Know What to do When Hacked
There are several cyber attacks that are fairly well known, such as ransomware and hacking, but Greg recently wrote about social engineering attacks that can occur if you don’t practice these things – phishing, smishing, baiting, tailgating, or quid pro quo attacks.
What can people do if they are a victim of these attacks? The very first thing you need to do and do quickly, is disconnect from all of your accounts and log out. The next step is to figure out what was hacked and what information has been stolen or exposed. Reset your password(s) and enable a two factor authentication method on your accounts.
Cyber attacks can be potentially devastating for a company. But for an individual, it can ruin your life.