Social engineering is a powerful and the one of the easiest ways for bad actors to penetrate your business.
The latest Verizon Wireless report indicated that Phishing and Pretexting was involved in 98% of cases they tracked.
What is phishing?
Phishing is a method usually through email that is designed to have your staff click on a link to (possibly download malware) or give up usernames and passwords. It is specifically designed to target your employees.
What is pretexting?
Pretexting is a made up situation. Say the bad guys send an email to your staff that looks like its coming from your IT department stating that it’s time to audit your passwords, this made up situation will likely get your staff to follow through. There are numberless circumstances that could be conjured up that will get your employees to do something.
This is much easier that trying to break though your firewalls.
Your staff is the best defense against social engineering….they just need to know how to do it.