Have a phishing incident response program in place prepared to take false websites offline as quickly as possible. This will protect your customers from being lured to false websites that look like yours in an attempt to compromise their personal information. Remember, this type of attack will also erode your brand and customer confidence. Implement monitors to ensure your website has not been modified or tampered with. A pharming defense program can monitor your website for unauthorized changes and ensure your customers are being routed properly to you and not a malicious site.
Social engineering is the practice of obtaining confidential information by manipulating people. In contrast, hacking is typically compromising a computer system in order to control or otherwise access sensitive information. Social engineering is getting people to do something they wouldn’t do normally. In short, social engineering is hacking people rather than computer systems.
Social engineering has been an effective method of committing fraud for centuries. Recently, however, it has been used more and more to assist criminals in perpetrating crimes that can net large sums of money. Without one social engineering method or another, most current attacks would not be successful.
Employees are an organization’s weakest link and social engineering attacks are only limited by the creativity of the perpetrator. Although there is no way to stop social engineering attacks entirely, we can do much more than we are today to reduce our exposure to them. Strictly enforced policies and procedures combined with training, testing and technology can reduce your risk from these types of attacks.
Here, Perimeter's Chief Technology Officer Kevin Prince offers five actions that can be taken to reduce your exposure.
Be sure to check out other slideshows from Perimeter: