Social Engineering

Social Engineering is an approach to gain access to information through misrepresentation.  It is the conscious manipulation of people to obtain information without their realizing that a security breach is occurring.  It may take the form of impersonation via telephone or in person and through email.  Some emails entice the recipient into opening an attachment that activates a virus.

Follow these best practices:

  • Before providing information to a telephone caller, check if the individual is authorized to receive that information.
  • Employees should report any suspicious calls to the appropriate individual in your organization.
  • Before opening an email attachment or clicking on a link, verify it is from someone you know, ensure your anti-virus software is current and that the message in the email makes sense for you to receive.  If all the parts don’t add up, the attachment may contain a virus.  Delete it immediately.

 

Cyber Security Tips are provided by Multi-State Information Sharing and Analysis Center (MS-ISAC), http://www.msisac.org