The Seacoast Bank Note

Bank Note / Protect Your Finances / Understanding the Threat of Social Engineering

Understanding the Threat of Social Engineering

A common misconception about cyber attackers is that they only use advanced hacking tools and technology to break into networks, computers, accounts and mobile devices but this is simply untrue. 

Dollarphotoclub_98757915.jpgToday cyber attackers have learned that one of the easiest ways to steal information or hack your computer is by simply talking to and misleading you. In this social engineering update from Seacoast's Information Security Officer, you will learn how these types of human attacks (social engineering attacks) work, and what you can do to protect yourself and the bank.

What Is Social Engineering?
Social engineering is a type of psychological attack where an attacker misleads you into doing something they want you to do. The simplest way to understand how social engineering works is to take a look at a common, real-world scenario.

You receive a phone call from someone claiming to be from your company's IT support department, a vendor for an application you use or perhaps even Microsoft tech support. The caller explains they have noticed that your computer is behaving strangely, such as scanning the Internet or sending spam, and they believe it is infected. They have been tasked with investigating the issue and helping secure your computer. They then use a variety of technical terms and take you through confusing steps to convince you that your computer is infected. Once you trust in their credibility, you will be directed to a website to download a fix, or asked to give them remote access to your computer.  If you give them remote access to your computer to fix it, in reality, they are going to take it over, infect it, and steal information. 

Keep in mind that social engineering attacks like this are not limited to phone calls; they can happen with almost any technology, including phishing attacks via email, text messaging, Facebook messaging, Twitter posts or online chats. The key is to know what to look out for.


How to Detect and Stop a Social Engineering Attack
The simplest way to defend against social engineering attacks is to use common sense. If something seems suspicious or does not feel right, it may be an attack. Some common indicators of a social engineering attack include:

  • Someone creating a sense of urgency. If you feel like you're under pressure to make a very quick decision, be suspicious. 
  • Someone asking for information they should not have access to or should already know, like your username and password. 
  • Something that sounds too good to be true. A common example is if you are notified you won the lottery or a grand prize drawing even though you never entered it. 

What Should You Do?
If you suspect someone is trying to make you the victim of a social engineering attack, do not communicate with the person any further. If someone calls you on the phone, hang up. If you are chatting with someone online, terminate the connection. If it is an email you do not trust, delete it. 

Preventing Future Social Engineering Attacks

  • Never Share Passwords. If someone is asking you for your password, it is likely an attack. 
  • Don't Share Information. The more an attacker knows about you, the easier it is for them to find and mislead you. Even sharing small details about yourself over time can be put together to create a complete picture. The less you share publicly (Facebook, Twitter, etc) the less likely you will be attacked.
  • Verify Contacts. At times, you may be called by your bank, credit card company, mobile service provider or other organizations for legitimate reasons. If you have any doubt as to whether a request for information is legitimate, ask the person for their name and phone number. Then find the company's phone number from a trusted source, such as the number on the back of your credit card, your bank statement, etc, and verify so you know you are really talking to a representative of the company. Though it seems like a hassle, safeguarding your information is worth the additional step. 
  • Learn More About Suspicious Emails. Click here to learn more about the signs of a suspicious email and what to look for to ensure you do not fall victim to a social engineering attack on this communication channel. 

If you ever have any questions about the validity of communications sent from (or appearing to be sent from) Seacoast Bank, our Customer Service team can be reached at 866-710-5778. 

Topics: Protect Your Finances

Get the latest updates regarding local happenings and financial wellness!

Let's be social.

Categories

Related Posts

Financial Security Series: 5 Tips to Make Online Banking More Secure

Financial Security Series: Quick Tips to Create Memorable and Secure Passwords

Financial Security Series: How to Recognize Phishing Scams

Financial Security Series: Why Mobile Wallets Are the Safer Option

Best Apps for Protecting Your Financial Data

Elder Fraud and Cyber Security - Protect Your Loved Ones Against Elder Fraud
loading...

Connect with a Local Banker.

Are you interested in contacting a local, Florida banker to discuss your individual financial needs? We’d love to speak with you. Schedule a consultation today.

Four Promises. One Goal.

At Seacoast Bank, everything we do is based upon core beliefs summarized in the Four Promises we make to you. When you entrust your banking to us, we promise to:
icon-comfortable
Get you comfortable with the right products and the right team to serve you
icon-day-to-day
Make your day-to-day banking simple
icon-resolve
Resolve out-of-the-ordinary items responsively
icon-invest
Invest in you and your community