The Effects Of Social Engineering And Pharming, And How To Combat It

 


Post 6 - Social engineering attacks can have severe financial impacts on companies and individuals alike. According to the IBM Cost of a Data Breach 2022 report, social engineering attacks average over $4 million in costs, with some instances resulting in losses as high as $100 million due to fraudulent invoices. Citizens are also affected, often experiencing financial theft and identity theft. Below I discuss the most interesting types of security incidents.

Social engineering is a tactic used to manipulate, influence, or deceive victims to gain control over computer systems or to steal personal and financial information. It relies on psychological manipulation to trick users into making security mistakes or divulging sensitive information. Social engineering encompasses various schemes aimed at stealing information, including phishing, baiting, tailgating, scareware, dumpster diving, and quid pro quo. These tactics can vary in complexity and may involve multiple steps to achieve their goals. As stated in Certmaster Learn Tech+ (TestOut Corp, 2024), “Social engineering takes many forms, but always with the same aim: to get you to reveal personal or sensitive information about yourself or your organization.” Such tactics can compromise your finances and identity in the digital world.

From an employee perspective, falling victim to any type of social engineering can lead to impersonation, resulting in unauthorized access to patient, customer, or company information, which can then be used for blackmail or coercion. Addressing these practices is challenging, and tracking them can be quite difficult.

Preventative measures against social engineering include regularly destroying sensitive documents such as bank statements, student loan information, and other account details, either with cross-shredders or by placing them in secure receptacles at work whose contents are incinerated. Additionally, it is important to be cautious of tempting offers; if an offer seems too good to be true, it likely is. Using search engines to verify the legitimacy of offers can help identify traps.

One type of social engineering attack to focus on is pharming. As defined by Kaspersky.com, pharming is a cyberattack where criminals redirect internet users from a legitimate website to a fake one, aiming to capture personally identifiable information (PII) and login credentials or install malware. Pharming commonly targets financial sector websites, including banks, online payment platforms, and e-commerce sites, with identity theft as the goal.

Pharming differs from phishing in that it does not rely on enticing users to click on links. Instead, users can be redirected to fake sites even when navigating to correct ones, making pharming more insidious. This method, termed "phishing without a lure," can affect numerous computers without conscious action from victims. Hacked information can be exploited on the dark web or for identity theft.

Pharming involves two stages: first, hackers install malicious code on a computer or server, and second, the code redirects users to fake websites to collect personal information. This redirection occurs automatically, posing significant risks, especially for Internet Service Providers (ISPs), as the malicious code can spread rapidly across connected devices.

To protect against pharming, users should choose reputable ISPs that filter out suspicious redirects and enable two-factor authentication where possible. This additional security layer makes accounts harder to hack, even if login details are compromised through pharming.
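On a single computer, one place the redirect described above can be planted is the local hosts file, which takes priority over DNS lookups. The check below is an added example, not part of the original post; the watchlist domains and the sample hosts file are constructed for illustration.

```python
import ipaddress

# Constructed sample: hosts-file content as it might look after tampering.
SAMPLE_HOSTS = """\
# Constructed sample hosts file
127.0.0.1   localhost
::1         localhost
203.0.113.7 www.examplebank.test examplebank.test
0.0.0.0     ads.tracker.test
192.0.2.10  intranet.corp.test
198.51.100.9 login.ExamplePay.test
"""

# Hypothetical watchlist: sites whose address should only ever come from DNS.
WATCHLIST = {"examplebank.test", "examplepay.test"}


def parse_hosts(text):
    """Yield (line_no, ip, hostnames) for each valid entry, skipping comments."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed entry: the resolver ignores it, so do we
        # Hostnames are case-insensitive and may carry a trailing dot.
        yield line_no, ip, [h.lower().rstrip(".") for h in fields[1:]]


def is_watched(host, watchlist):
    """True for a watched domain or any of its subdomains (label-aligned match)."""
    return any(host == d or host.endswith("." + d) for d in watchlist)


def find_overrides(text, watchlist=WATCHLIST):
    """Return (line_no, hostname, ip) for every hosts entry pinning a watched site."""
    return [
        (line_no, host, str(ip))
        for line_no, ip, hosts in parse_hosts(text)
        for host in hosts
        if is_watched(host, watchlist)
    ]


if __name__ == "__main__":
    for line_no, host, ip in find_overrides(SAMPLE_HOSTS):
        print(f"line {line_no}: {host} is pinned to {ip} instead of resolving via DNS")
```

To audit a real machine, pass the contents of `/etc/hosts` (or `C:\Windows\System32\drivers\etc\hosts` on Windows) to `find_overrides` with a watchlist of the financial sites you use.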

Protecting personal and company information requires collaboration between individuals and organizations. Effective prevention combines intelligent skepticism from users and robust technological measures from employers to combat social engineering tactics.

