A common misconception about cyber attackers is that they only use advanced hacking tools and technology to break into networks, computers, accounts and mobile devices but this is simply untrue.
Today cyber attackers have learned that one of the easiest ways to steal information or hack your computer is by simply talking to and misleading you. In this social engineering update from Seacoast's Information Security Officer, you will learn how these types of human attacks (social engineering attacks) work, and what you can do to protect yourself and the bank.
What Is Social Engineering?
Social engineering is a type of psychological attack where an attacker misleads you into doing something they want you to do. The simplest way to understand how social engineering works is to take a look at a common, real-world scenario.
You receive a phone call from someone claiming to be from your company's IT support department, a vendor for an application you use or perhaps even Microsoft tech support. The caller explains they have noticed that your computer is behaving strangely, such as scanning the Internet or sending spam, and they believe it is infected. They have been tasked with investigating the issue and helping secure your computer. They then use a variety of technical terms and take you through confusing steps to convince you that your computer is infected. Once you trust in their credibility, you will be directed to a website to download a fix, or asked to give them remote access to your computer. If you give them remote access to your computer to fix it, in reality, they are going to take it over, infect it, and steal information.
Keep in mind that social engineering attacks like this are not limited to phone calls; they can happen with almost any technology, including phishing attacks via email, text messaging, Facebook messaging, Twitter posts or online chats. The key is to know what to look out for.
How to Detect and Stop a Social Engineering Attack
The simplest way to defend against social engineering attacks is to use common sense. If something seems suspicious or does not feel right, it may be an attack. Some common indicators of a social engineering attack include:
What Should You Do?
If you suspect someone is trying to make you the victim of a social engineering attack, do not communicate with the person any further. If someone calls you on the phone, hang up. If you are chatting with someone online, terminate the connection. If it is an email you do not trust, delete it.
Preventing Future Social Engineering Attacks
If you ever have any questions about the validity of communications sent from (or appearing to be sent from) Seacoast Bank, our Customer Service team can be reached 24/7, 365 days a year at 800-706-9991.