People
Cards (6)
- Why do security threats arise because of people
- A lot of the time, security threats arise because organisations fail to properly secure their network - they might forget to encrypt their data or use a bad code
- Other instances are a result of hackers manipulating employees
- People are often the weak point in secure systems
- What is social engineering?Social engineering is a way of gaining sensitive information or illegal access to networks by influencing people , usually the employees of large companies
- Using a telephone for social engineering
- A common form of social engineering occurs over the telephone
- Someone rings up an employee of a company and pretends to be a network administrator or somebody else within the organisation
- The social engineer gains the employees trust and persuades them disclose confidential information- this might be personal (e.g. their login details) or sensitive company data
- Phishing
- Another type of social engineering is phishing
- Phishing is when criminals send emails or texts to people, claiming to be from a well known business (e.g. a bank or online retailer)
- The email often contains links to spoof versions (humorous imitation) of the company’s website
- They then request that the user update their personal information (e.g. password or bank account details)
- When the user inputs this data into the website they hand it all over to the criminals who can then access their genuine account
- Why phishing emails are sent to many peoplePhishing emails are often sent to thousands of people, in the hope that someone will read the email and believe its content is legitimate
- Stopping Phishing / Ways to prevent yourself being a victim to Phishing
- Many email programs, browsers and firewalls have anti phishing features that will reduce the number of phishing emails received
- There are often giveaways that you can spot e.g. poor grammar
- Emails asking users to follow links or update personal details should always be treated with caution