Top 14 Social Engineering Red Flags

Introduction

Most people are aware of the technological side of cybersecurity. They’ve heard about viruses and vulnerabilities and hackers breaking into networks. This way of thinking misses the other potential target of a hacker: the human who uses the computer. Social engineers use human psychology to trick or manipulate people into doing what they want.

Social engineering attacks can be roughly classified into two main categories: phishing attacks and in-person/phone-based attacks. This isn’t to say that attacks have to be one or the other; in fact, some of the most effective phishing attacks involve an email with a phone call as a follow-up. In this article, we’ll discuss some of the red flags associated with common phishing and in-person/phone-based social engineering attacks.

What are Phishing Red Flags?

Phishing emails are one of the most common forms of social engineering. Unlike in-person social engineers, phishers can send out hundreds or thousands of emails per second. Even a low success rate means that the attack succeeds against dozens or even hundreds of targets.

What are the Most Common Phishing Red Flags?

Phishing emails give themselves away through a variety of red flags. Among these are discrepancies with the sender’s and recipient’s email addresses, the email subject, the email sending time and the email body.

1. Sender Address

The sender’s email address is a great starting point when trying to identify a potential phishing email. While DMARC and DKIM can help verify that an email comes from a certain domain, that doesn’t mean the domain is the right one. It’s important to check that the sender’s email address is actually from the company that it appears to originate from. Common tactics for concealing a false domain include misspellings (like substituting rn for m) or using a domain that looks ...

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Howard Poston. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/Mzu7C7937Og/