What Is Social Engineering?

Security researchers have revealed that social engineering is one of the most prevalent attacks against organisations and their network.  But what is social engineering, you might ask? How does it affect you and your business?  This post explores exactly that, and what you can do to protect yourself from falling victim to it.

To put it simply, social engineering is the psychological manipulation of people into divulging confidential information.  Unfortunately, and commonly, this confidential information includes usernames and passwords.  These could be for email addresses, bank accounts, or even a Hosted Desktop or network environments.  Typical tactics are to evoke, and take advantage of a potential victim’s emotional reactions. 

Examples could be:

  • Receiving an email from a well-known company thanking you for a recent order.  You don’t remember making this order?  But there’s a receipt attachment, so you should open it and check it… right?  In reality, the attachment is a virus designed to steal logins and passwords from the user’s computer.

  • Posing as a Director or Line Manager and asking for credit card details or for a payment to be made to a new account.  If your Manager has asked you to do it, then surely it must be ok?

  • Asking you to verify or update your information or face suspension of a service.  For instance, saying that unless you verify your login details and security answers your email account will be deactivated within 24 hours.  Creating a sense of urgency and fear.

What are the facts?

  • 31% of targeted attacks are at businesses of under 250 members of staff
  • Social engineering is one of the most prevalent forms of attacks against these organisations
  • 81% of security breaches are due to stolen or weak passwords
  • 90% of employee passwords could be cracked within 6 hours
  • 65% of people use the same password everywhere.


Protecting Your Business from Social Engineering

Protecting yourself and your business

Don’t keep your password written down on a piece of paper or post it on your desk.  Yes, we know that its long, full of strange characters, difficult to remember, and that Paul from Accounts does it, but it’s really best not to.

Be suspicious of any requests for information such as passwords or sensitive information.  This is especially true of requests via email or phone – more than likely, it’s not legitimate.

Keep devices up to date.  Set your anti-virus, spam filters and computer updates to auto-update.  At the very least you should manually update them regularly.

Implement two-factor authentication.  This adds another layer in the logging in process and protects you against stolen or fraudulently obtained login details.  Typically, this would require a code to be entered that is sent directly to the authorized user’s phone, or for them to confirm an alert sent to them regarding the login.


What are Cloud2Me doing to protect customers against Social Engineering?

That’s a great question, and one which we hoped you would ask!  We take the security of our customers very seriously.  We know that social engineering threats are on the increase, and to combat this, we are actively encouraging that our customers implement two-factor authorization.

This would mean, that even if a user fell foul of social engineering and unwittingly disclosed their login details to say, their Hosted Desktop, the sneaky social engineer wouldn’t be able to gain access.  This is because they wouldn’t be able to bypass the second level of the login without the user’s smartphone, which would be asking them “Is that you trying to login?”  Of course, it isn’t.

For more information on social engineering, or how we can make your hosted service more secure, contact us via info@cloud2me.co.uk or by calling us on 01737 304210.

Older
Newer
  • “When I was looking for a hosted desktop solution, I wanted something that was reliable, secure and affordable. I shopped around the market place and Cloud2Me came up highly on all accounts.”

    Peter Bradley – Director
    Integral Talent

  • “We would certainly recommend the services Cloud2Me supply. Much less hassle than building our own cabled network, and Cloud2Me are very quick and helpful when responding to any questions.”

    Tristan Haines - Director
    Zepho Enterprises

  • “I was amazed at how quick the hosted desktop works, faster than my laptop! I love that I can have a pure business desktop which I can access from my windows desktop, home MAC and iPad. Cloud2Me has been a perfect solution provider. ”

    Graham Forbes - Director
    Interesting Apps

  • “I would highly recommend services from Cloud2Me. They’re good value, but most of all the service is excellent. There’s always support available at the end of the phone and Cloud2Me always go that extra mile to help out.”

    Charles Cridland – Director
    Your Parking Space

  • “We were initially cautious and uncertain of the security of working like this – this is something we have swiftly put behind us, the system is completely secure and reliable. Based on our experience I would highly recommend this service to anyone considering an ‘office in the cloud’ with Cloud2Me.”

    Bryn Towns - Director
    RoqSolid

  • “The technical support provided by Cloud2Me is great. Furthermore, I find the service offered by them to be very flexible and tailored to meet our individual needs… The way we are able to access our server wherever we are has transformed the way we work.”

    Dwain Coward
    Coward & Co Solicitors - Senior Partner

  • “I have not had any hitches and any maintenance they carry out never disrupts the services. The customer service is fantastic, even when I email late on an evening I still get a quick response that night, or first thing the next morning. I highly recommend Cloud2Me and their services.”

    Jody Nicholl
    Boolas Bakery

Ready to embrace the Cloud? Request a no obligation, 14 day free trial today.