Social Engineering is an approach to gain access to information through misrepresentation. It is the conscious manipulation of people to obtain information without their realizing that a security breach is occurring. It may take the form of impersonation via telephone or in person and through email. Some emails entice the recipient into opening an attachment that activates a virus.
Follow these best practices:
- Before providing information to a telephone caller, check if the individual is authorized to receive that information.
- Employees should report any suspicious calls to the appropriate individual in your organization.
- Before opening an email attachment or clicking on a link, verify it is from someone you know, ensure your anti-virus software is current and that the message in the email makes sense for you to receive. If all the parts don’t add up, the attachment may contain a virus. Delete it immediately.
Cyber Security Tips are provided by Multi-State Information Sharing and Analysis Center (MS-ISAC), http://www.msisac.org