No matter how strong your network security is, end-users are often the weakest link in the security chain. Hackers exploit employee gullibility, using social engineering tactics to carry out hacking techniques and phishing scams.
Here are 6 tips for IT admins to share with employees so that nobody falls victim to a social engineering attack and puts organizational security at risk!
- DO NOT provide confidential information, or even non-confidential data and credentials, via email, chat messenger, phone or in person to unknown or suspicious sources.
- If you are following a link from an email or an unknown site, double-check the URL's target domain carefully before opening it. If it looks fishy, it probably is!
- Look for misspelled words, @ signs (which indicate a redirect), and suspicious sub-domains.
- If it is insecure and looks really suspicious, run a quick online diagnostic test to check whether the website is associated with any scams or listed in any online blacklists.
- Do not follow nested links, as they might be advanced hacking techniques to gradually lead you to a malicious site.
- Watch out for downloads that you did not initiate or that start automatically. It could be malware piggybacking onto your system.
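
The URL checks in the tips above (an insecure link, an @ sign, a misspelled domain, a suspicious sub-domain) can also be run automatically, for example in a help-desk triage script. The sketch below is an added example, not part of the original article; the trusted-domain list, the function names and the sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the domains your organisation really uses (constructed values).
TRUSTED = ("example.com", "example-bank.com")

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss spellings of a trusted domain."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_url(url):
    """Return a list of warnings for a link; an empty list means nothing was flagged."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    labels = host.split(".")
    # Naive registered domain: last two labels (ignores suffixes such as co.uk).
    registered = ".".join(labels[-2:])
    warnings = []
    if parts.scheme != "https":
        warnings.append("not-https")
    # Text before an @ is login information; the browser goes to the host after it.
    if "@" in parts.netloc:
        warnings.append("at-sign: real host is " + host)
    if registered not in TRUSTED:
        for good in TRUSTED:
            if 0 < edit_distance(registered, good) <= 2:
                warnings.append("misspelling of " + good)
            elif good.split(".")[0] in labels[:-2]:
                warnings.append(good + " name used as sub-domain of " + registered)
    return warnings

if __name__ == "__main__":
    for sample in ("https://mail.example.com/",               # constructed samples
                   "https://example.com@evil.test/login",
                   "http://examp1e.com/reset",
                   "https://example.com.account-verify.test/"):
        print(sample, "->", check_url(sample) or "no flags")
```

A link that raises no flag is not proven safe; the check only automates the visual inspection described in the tips.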