Two things pushing bad guys to use social engineering today:
- Companies are improving system security, locking doors that bad guys used to break through.
- More people are working from home, with more distractions and separation from workplace environments.
HOW IT WORKS
Social engineering is a fancy name for the old con game. The bad guy will contact you directly by email, phone or text, pretending to be from your employer or a company you do business with, and have an urgent need for information. One example that plays in the work-from-home environment works like this:
- You get an email that claims to be from you company's IT department. It says they need access to your computer to update software and there is a link to click. Clicking the link gives the bad guy access to not only your computer, but your company's network, as well. It may allow them to plant malware on your machine.
What To Do
Pause. Be skeptical and carefully evaluate the request – whether email, phone or text. Look for tell-tale signs that the message is a scam. (learn more here)
Do not click on a link provided, do not reply to a text or give out any information to a caller. Validate the request before doing anything else. If you think it's a scam, delete the email, hang up the phone or delete the text and check it out.
Why It Works
The work-from-home environment contains more distractions - from children to pets to a quick trip to the fridge. Don't allow those distractions to break your security focus. The bad guys are counting on it.
Working from home also means less immediate access to colleagues and support. It's harder to check on an IT request because you are not right down the hall from them or close to a supervisor who can confirm the request. Take a moment to validate a request - whether from your IT department, your bank or anyone else.
Remember our tips to help protect yourself from social engineering and other scams.