Blog

How a Phishing Scam Works and What You Can Do to Protect Yourself

b2ap3_thumbnail_social_engineering_magnet_400.jpgMost hacking attacks are the result of a flaw or vulnerability found within the code of a program or operating system, but we rarely take into account the ones that don’t. Hackers often take advantage of the human side of hacking as well, a process known as “social engineering.” This is usually the act of conning users into handing over personal information of their own free will, and it’s surprisingly effective.

As you can imagine, social engineering involves exploiting the people who work with the technology rather than the technology itself. This particular method allows those who might not be as tech-savvy (or those who aren’t particularly known for their common sense) to obtain important information, like passwords or dates of birth, from unsuspecting foes. Those who are more skilled with technology can perform more elaborate social engineering attacks, like replicating websites to infect systems with malware upon visitation, or download infected software.

The most well-known social engineering hacking attack comes in the form of a phishing attack. These are typically the type of emails which appear to be the genuine article from an institution you might have relations with, such as a bank. These emails request that you update or confirm your personal information. It can be difficult to discern these from the real deal at times.

Other, more focused attacks are called spear phishing attacks. These are designed to target a specific individual, or multiple specific targets. Sending emails personalized to get users to fork over financial information, or even going to lengths such as contacting your business posing as someone from a media outlet.

According to HowToGeek.com, this method isn’t limited to being used remotely. Social engineering hackers can also get up close and personal with their attempts:

An attacker could walk into a business, inform the secretary that they’re a repair person, new employee, or fire inspector in an authoritative and convincing tone, and then roam the halls and potentially steal confidential data or plant bugs to perform corporate espionage. This trick depends on the attacker presenting themselves as someone they’re not. If a secretary, doorman, or whoever else is in charge doesn’t ask too many questions or look too closely, the trick will be successful.

How To Prevent Social Engineering Attacks
In the end, keeping your business safe from social engineering attacks comes down to identifying them from the genuine article. In order to minimize the risk of falling prey to these hacks, keep these tips in mind.

  • Some suspicion is better than none at all. If you’re receiving strange emails, messages, or phone calls from users you don’t recognize, it’s best to be on the safe side and not respond until you’re sure that you’re dealing with the real deal. It’s better to call the institution at the number you have on record before handing over any information you feel is suspicious. If something seems suspicious, such as poorly worded emails and strange links, it's best to question it.
  • Avoid links in emails to websites which gather sensitive information. These websites could be fake phishing sites designed to look like the official institution website. For example, you receive an email asking to update your bank information, and the link leads to a sign-in form. This is a fake site designed to fool you into entering your credentials. In this case, it’s best to try logging into the official site rather than through the email. Look at the URL and scan it for subtle differences which might hint at trickery.
  • Enable spam and phishing filters for your email and browser. Some browsers have built-in phishing and security filters, which should always be active. These can prevent your employees from accessing a known phishing site. One particularly powerful solution is White Mountain IT Services’s Unified Threat Manager (UTM). This solution equips your business with everything it needs to keep outside threats from getting into your network, including spam filtering and web content blocking.

Ultimately, the best defense against social engineering hacking attempts is to stay vigilant and educated about how to best approach suspicious situations on the web. White Mountain IT Services can equip your business with the tools it needs to stay safe and educate your staff on how to identify fraud when they see it. For more information about how White Mountain IT Services can keep your business safe, give us a call at 603-889-0800.

By accepting you will be accessing a service provided by a third-party external to https://www.whitemtn.com/

Related Posts

With email being such a huge part of doing business, phishing has become a favorite tool of many scammers. To fight back, it is key that you know how to recognize a phishing email, so we’re dedicating some time to doing just that.

While it initially sounds promising to hear that the number of data breaches seen last year went down significantly, it is important to recognize that the number of data records leaked as a result more than doubled. One clear cause was the resurgence...
Since the beginning of the COVID 19 pandemic, it has been clear that many companies were not prepared to continue their operations remotely. This was largely due to their leadership being convinced in recent years that allowing people to work remotel...
When we think of cybercrime, most people’s minds go to one of two places. On the one hand, some think about the annoying, misspelled emails that are so obviously scams, while on the other, we can’t help but think about the hacks that we see in movies...
When people talk about cybersecurity nowadays, there certainly seems to be a lot of emphasis put on phishing attacks and ransomware. This is for good reason. Not only can either of these attack vectors create significant difficulties for a business, ...
Having success in business often relies on developing trustworthy relationships. You have to trust your vendors and suppliers to get you the resources you need, you need to trust your staff to complete their tasks without putting your business in har...
If you’ve been reading this blog for any length of time, you’ve seen us reference a phishing attack. Whether you are being asked by some supposed Nigerian prince to fork over money or you are getting an email by what seems to be your bank that direct...
With COVID-19 creating an unsure situation for so many businesses, and by extension their employees, these employees are suddenly finding themselves in a vulnerable position. Regardless of whether or not your employees are able to come into the offic...
Think of how easy it is to trick a human. Entire industries are centered around it. Just think about the flashy magazines at the checkout counter promising us perfect summer bodies if we just follow Channing Tatum’s simple 30-step breakfast routine. ...
Starting in 2008, Verizon has produced a report outlining the cybersecurity incident trends that the previous year demonstrated. In doing so, they have provided a resource that gives businesses greater insights into where their cybersecurity efforts ...
With the given pandemic, a lot of people have had a bit more time on their hands, so it makes sense that many are turning to streaming services and the like for their entertainment. Unfortunately, this has not gone unnoticed by cybercriminals. Let’s ...
Cybersecurity should always be a priority for a business, and cyber criminals are always evolving their tactics. As a result, it pays to keep an eye on the horizon for the next looming threats. Here, we’re reviewing a few threats that cybersecurity p...

Onsite Service Coverage Area

Although we provide remote services and support to businesses in over 20 states, onsite services are limited to within reasonable driving distance from our office in NH.  For locations outside of our service area, we will manage a local vendor to provide onsite assistance when needed.

 

Onsite Computer Support Services are available to businesses within 100 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH, and then down into Boston. From Northern and Central Mass, we cover from Worcester, east to the North Shore, including the Salem and Portsmouth NH area.

 

White Mountain IT Services
33 Main Street, Suite 302
Nashua, New Hampshire 03064

 

603-889-0800

map nashua4 1

 

Open Positions