Dura-Tech joins together with LeadingIT Learn more
Our knowledgeable team will support you organization, allowing your staff to get the most out of your technology.
We implement layers of protection to ensure your organization is secure.
Using best practices, we proactively protect your organization from becoming a victim of cybercrime.
As a Datto Blue Diamond Partner we secure your data with industry leading backup and disaster recovery solutions.
LeadingIT understands the technology needs of your business and offers computer, network and cybersecurity support to help you get the most out of your technology.
Read why businesses small and large across Wisconsin, Illinois and Indiana choose LeadingIT.
Working at LeadingIT means joining a group of people obsessed with taking on the real challenge of cybersecurity and helping businesses.
Stay up to date on the latest security threats your business faces and get tips on how to stay protected and informed.
The average organization is targeted over 700 times per year by a social engineering attack. And, 98% of all cyberattacks include some form of social engineering. It isn’t just a guy with a laptop in a dimly lit room you need to be worried about.
Your business is at risk, and the most likely way a bad actor is going to get through the door is by compromising an employee. It could be an intern in the mail room or even the CFO.
Social engineering is a type of attack that seeks to manipulate a person’s good nature or lack of technical savvy. Instead of brute forcing their way through your IT system, the social engineer tries to gain access to the soft underbelly of your infrastructure by tricking the employees of an organization. These attacks come in a wide variety of forms.
Phishing is the most prevalent kind of social engineering attack. During phishing, scammers send an email with a link that redirects the user to a page or website designed to steal their credentials.
The scammers craft their message to create fear or a false sense of urgency. For example, it might look like an email from a potential recruiter. In this case, it will contain a link that redirects the user to a website where they are encouraged to sign up for the job before the deadline.
This deadline is conveniently a couple of hours away. The user, afraid to miss out on the opportunity, quickly fills out whatever information is required. And, in doing so, surrenders crucial information to the criminals.
Baiting is similar to phishing. However, it involves using an item or offer that entices the victim into giving up information. This may include free gifts, discounts, or a special deal. But, in order to receive it, the customer must first register with their personal or business credentials.
Some baiting attacks aim to infect computer systems with malware. In this case, the attacker leaves a portable storage media device, like a CD or USB, in an open location. The goal is to pique the target’s curiosity so they load the malware into their computer.
In pretexting, the scammer creates a made-up scenario in order to gain access to a victim’s information. This typically involves impersonating a trusted individual, like a bank representative, to whom a user is more likely to give information. While phishing and baiting attempt to use fear or urgency, pretexting relies on creating a sense of trust.
Tailgating is a bolder social engineering tactic as it takes place in the work environment. The scammer poses as someone who has a legitimate business reason to be there. For example, they might pose as a courier and follow an employee into a restricted area. This attack is usually employed when targeting a physical system.
Quid pro quo refers to a favor granted in return for something. During this social engineering attack, the scammer pretends to offer something – usually a service – in exchange for personal information.
For instance, the scammer will call pretending to be a technician trying to help the victim solve a problem with their telephone or computer. In the process, they will ask the victim to disclose certain information that is needed to help ‘solve the problem.’
The types of attacks your business faces are many and varied. However, there are many things you can do to protect yourself. Avoid opening emails from untrusted sources and be careful what sites you visit on your work computer. Disconnect calls offering technical help if nobody has requested it and, if an offer sounds too good to be true, it probably is.
The list goes on and on. Staying safe requires a high level of vigilance. If you don’t have the tools to handle these types of attacks, consider partnering with a cybersecurity expert who does.
LeadingIT offers 24/7, all-inclusive, fast and friendly technology and cybersecurity support for nonprofits, manufacturers, schools, accounting firms, religious organizations, government, and law offices with 20-200 employees across the Chicagoland area.
©2022 LeadingIT. All Rights Reserved.