Social engineering is a form of attack that exploits a vulnerability in an individual so that they ignore their own security by clicking, opening, downloading, or installing files sent by a cybercriminal, all without knowing that a scammer is trying to gain access. The success of social engineering relies on errors an individual makes, unknowingly giving access to their system or device. After gaining access, scammers can launch malware attacks, hold user data hostage using ransomware, and delete, edit, or sell the data on the dark web.
Online crimes are often targeted at specific individuals or companies with the intent to scam, spy or steal information or money. To do so, cybercriminals attempt to gain the trust of the person they plan to trick. Often, trust is built by pretending to be an authentic brand by using the company’s official logo and name, creating fake websites or apps, etc. Sometimes individuals are also lured with exciting offers of a free prize or a gift like the latest Apple iPhone.
How are social engineering attacks launched?
In a social engineering attack, a cyber-attacker often tries to predict the psychological behavior of the target. For instance, while surfing online, an individual may be tempted by websites offering gifts for spinning a wheel of fortune. The user is lured into clicking it, thereby starting an online attack. While the user may not see any difference on their computer screen, the malware payloads may already have begun accessing their data and bank credentials, if available. Attackers can also extend the attack to others connected to that device or account.
Some lures are created after studying the target by spying on online activities that can be traced through their social media accounts like Snapchat, Twitter, or Facebook. A link or message may then be crafted around what the target is most likely to be enticed by.
What may a target not know about malicious communications?
- The user may not know that the URL of the phishing link is not that of the official website it claims to be.
- They may not realize that the Zoom app that came up at the top of the Play Store was not made by the actual Zoom developers.
- Users may not feel suspicious about the picture they can see, which may be laced with malware using a technique such as steganography.
- Even after gaining access to someone’s login details, hackers cannot authenticate a login request for an account that has two-factor authentication enabled. Hence, when a hacker tries to log in, the user gets notifications asking them to approve the login attempt. If they are busy, or feel that it’s due to a system error, they may not realize that the requests to authenticate entry into their email, school, or office account were not initiated by them.
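The unsolicited approval prompts described in the last point leave a recognisable pattern in authentication logs: several denied or unanswered prompts followed by an approval. The following Python example is added here for illustration and is not part of the original article; the event layout, result names, and thresholds are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: (ISO timestamp, account, push prompt result).
# The layout and result names are assumptions, not a real product's log format.
SAMPLE_EVENTS = [
    ("2024-03-01T08:59:40", "alice", "approved"),   # normal morning login
    ("2024-03-01T23:10:05", "bob", "denied"),
    ("2024-03-01T23:10:50", "bob", "timeout"),
    ("2024-03-01T23:11:30", "bob", "timeout"),
    ("2024-03-01T23:12:10", "bob", "approved"),     # gives in after repeated prompts
    ("2024-03-02T09:00:00", "carol", "timeout"),    # one missed prompt, then approves
    ("2024-03-02T09:00:45", "carol", "approved"),
]

def find_fatigue_approvals(events, window=timedelta(minutes=10), min_rejected=3):
    """Return (account, approval_time, rejected_count) for every approval that
    follows at least `min_rejected` denied or unanswered prompts within `window`."""
    recent = defaultdict(deque)   # account -> times of recent denied/timeout prompts
    alerts = []
    # ISO timestamps sort chronologically as plain strings.
    for stamp, account, result in sorted(events):
        when = datetime.fromisoformat(stamp)
        rejected = recent[account]
        # Drop prompts that have fallen out of the look-back window.
        while rejected and when - rejected[0] > window:
            rejected.popleft()
        if result in ("denied", "timeout"):
            rejected.append(when)
        elif result == "approved":
            if len(rejected) >= min_rejected:
                alerts.append((account, stamp, len(rejected)))
            rejected.clear()      # an approval ends the current prompt sequence
    return alerts

if __name__ == "__main__":
    for account, stamp, count in find_fatigue_approvals(SAMPLE_EVENTS):
        print(f"{stamp} {account}: approved after {count} rejected prompts, verify with the user")
```

An alert is a reason to contact the account owner and review the session, not proof of compromise; a user who simply missed a couple of prompts produces the same pattern.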
Ways to keep social-engineering attacks away
Before interacting with a cybercriminal
To avoid falling prey to social engineering attacks, users must not respond to communications such as unknown links, SMSes, emails, pop-ups, etc. This can eliminate the danger of being exposed to online threats.
Arvind Paranjpye, the director of Nehru Planetarium, a centre for scientific study in Mumbai, spoke to The Cyber Express about the magnitude of cyber-attacks that can allow a hacker to gain access to someone’s camera without them knowing. He emphasized the importance of limiting internet usage and said, “A person can be traced from any part of the world. So, it is important not to open files sent by unknown contacts or ones that you are not sure about while also limiting their phone usage.”
It is essential to look at one’s own online activity in terms of personal security. It has become a habit to go online first thing after getting up, stay online for most of the day, and go online again as the last thing before going to sleep. When all the messages are taken care of, and school, work, or other online commitments are done with, it might be a good idea to put the phone, tablet, or other online devices aside. Excessive phone usage also brings excessive exposure to content that one has not planned or intended to go through.
What can one do after interacting with or using communications sent by a cybercriminal?
Not downloading unauthentic apps, or free, illegal versions of games that are actually paid, is one way to stay away from malicious payloads that hackers leave online to lure potential users. It is also important not to open links in a communication that offer illegal game hacks, or fake job PDFs coming from unknown agencies or individuals. On receiving suspicious emails, say job emails, doing a background check on the sender by looking up their work, credentials, and educational background can also help in finding out whether they are actually someone with a legitimate account. However, if one realizes after downloading a malicious file or clicking on an unknown link that it does not seem legitimate or is not coming from an official source, one can do the following:
- Take screenshots of the communications with the URL, links, email address, etc. to submit as proof while making a complaint to the local cyber crime cell. The cyber crime cell can be looked up by typing “cybercrime cell” followed by the country or city for specific information. Cybercrime cells catering to specific towns can also be found by entering the name of the town or region into Google or another search engine.
- Uninstall the downloaded app or file.
- Delete the messages sent by the cyber-attacker.
- Scan the device for a virus or signs of attacks by running the inbuilt antivirus app. If there is no antivirus tool, getting one is critical for the health of one’s device and data.
- Disconnect from the internet to reduce the damage, as a hacker who might have gained remote access to one’s device may then lack the connectivity to continue the attack.
- Create a backup of important files. It will help if one is required to do a factory reset to delete all the data on the device.
- Log out of all the accounts.
- Change all the accounts’ credentials, including passwords. Create different passwords for all or most of the accounts one has.
- Let the bank know what happened and ask them to block the cards. Ask them for any other helpful steps. This will help if bank details were available on the impacted device. Keep an eye out for suspicious activity.
Best practices
David Spinks, Chairman and moderator of Global Digital Identity (GDI) in the United Kingdom, told The Cyber Express that to maintain online safety from cyber-attacks, “Ensure your software is always up to date and that you apply all the necessary security patches.”
Companies have teams that look for vulnerabilities in software and services that hackers use to enter a device. Keeping an eye out for software updates is a must, not just to have all the latest features installed but also to apply the patches made available for the vulnerabilities that were found. Leaving a device outdated makes it vulnerable to cyber-attacks.
Monitoring the login activity on one’s accounts, which can be found by going through the privacy settings, helps keep track of who else is logged in after gaining unauthorized access. One can then log out from unknown devices.