Social Engineering: Definition and Tips for Protection
Social Engineering Meaning
Social Engineering is the act of tricking people into giving up their confidential information. This includes but is not limited to passwords, bank info, or access to your computer.
These internet attackers usually try to access other people's devices and computers. Then they can install malicious malware that will allow them to access your passwords, bank info and control your computer.
Criminals use this method because it is easier to fool people into giving up their info than to try and hack their devices. Those criminals are usually called Social Engineers because they hack humans instead of hacking their devices.
Types of Social Engineering Attacks
There are many ways to recognize social engineering. One of them is knowing most of the forms that it comes in. Let's walk through them together:
Email from a trusted source
Phishing attacks are one type of Social Engineering imitating a trusted source to access your confidential or sensitive info. This can come in many forms. Here are some examples:
- Use a phishing attempt with a background that sounds legit: Someone sends you an email that seems like it comes from a famous, trusted company, bank, school, or organization. They might lead you to click on a link or give up your private info.
- A friend in need asking for your help: This is a popular form of phishing that will pose as your friend who has been robbed and is stuck in a country. The social engineer, posing as your friend, claims that they're in dire need of money and ask you to send it.
- A charity or fundraiser asking for donations: These people will use the most talked about charity cases, disasters, issues and ask for your donation.
- Tell you that you have won something: Emails like this can claim to be from a distant, dead relative or the lottery. The link to the 'prize' will seem legit and real; attackers will send you legit-looking links so you can fall into the trap. They will ask for your bank info, password, and usually confirmation, i.e., your social security number. Sadly, people often fall for these phishing tropes because they want what is claimed to be offered.
Email from a friend
Social engineering psychology depends on your emotional attachments. Attackers will usually pose as a friend sending you a text, IM, or email to allude you to click on a link or a media. The link will be for you to download something that will install malware to your device and give criminals access and control it.
Or the email might contain an image, video, music, or a document that will have an embedded malicious software. This malware will infect your device and make it exposed to the attacker.
Response to a question you never asked
This is another method in which criminals pose as famous companies answering your queries and offering to help. Most of the time, it's a bank name or a famous software company.
Criminals use this method to offer people free help because most people will seize the chance even if they didn't really need help. Once you respond to the email, text, or phone call, they will ask for info to confirm your ID.
This usually happens by asking you to confirm. You will be asked to give them your login info or access to your computer so they can fix it. Once the criminal gets a grip on your device, they will easily steal your confidential info.
Scenarios of baiting
Social Engineering attacks happen most of the time on social media platforms or P2P websites. Hackers will disguise their malicious links as links to download a new song, movie, video, or link leading to a false article.
They can also look like job offers on social media. For example, social Engineering criminals will pretend to be recruiters of a famous company looking for candidates on social media. They will create a fake hiring process and tell you that you are accepted.
These fake recruiters will usually put high salaries on the offer. However, they will ask you to pay for props in order to start working.
Many people will take the bait and have malicious malware infect their devices. Or they will pay for props that they will never receive. Social Engineers will carefully throw their 'phishing' rod and wait for someone to take the bait.
The schemes of social engineering vary, but their purpose is the same. They all want to trick people into taking the bait and willingly giving up their confidential info. However, there can always be ways to avoid and protect you from these criminals.
How to Prevent Social Engineering
- Beware of sudden messages, emails, texts, or phone calls.
- Fact-check anything you receive: always contact a customer service agent if you get a job offer, unasked for help, or donation request to make sure that you aren't being scammed.
- Don't overshare your info online.
- Use strong, unique passwords that can't be easily hacked.
- Use two-factor authentication.
- Most importantly, use security software like a trusted antivirus to protect yourself from Social Engineers (see the list of our most trusted antiviruses that we have tested and reviewed)
Recommended Antivirus to Prevent Social Engineering
Intego antivirus is famous for being a Macbook antivirus software. However, they recently expanded to Windows protection as well, and that is great news for us!
Intego provides macOS users with two malware protection engines: VirusBarrier and NetBarrier. Sadly, though, Intego offers Windows users only a simple virus scanner that doesn't have additional security features.
VirusBarrier is Intego's virus scanner which protects your device by scanning for any viruses or malware and removing them if any were detected. It also includes real-time protection, scheduled scans, and a "Safe Browsing" feature that protects you from malicious websites and emails.
Meanwhile, NetBarrier is Intego's firewall which is optimized to protect your Mac on private and public networks. In addition, this firewall gives you control over the websites and apps that want to send you ads and pop-ups, as some of them might be social engineering attempts.
Intego also has a "Washing Machine” feature that combines a range of cleaning and performance optimization tools.
Intego offers many plans for you to choose from. The plan's prices depend on the number of features included. The Mac Premium Bundle X9 Includes all features and has three plans:
- One device - $84.99 per year (that is around $7 per month).
- Three devices - $115.99 per year (that is around $10 per month).
- Five devices - $146.99 per year (that is around $12.50 per month).
All plans have a 30-day money-back guarantee.
Bitdefender's strong intrusion detection system efficiently detects both common and newly-merged advanced malware. In addition, its firewall makes sure to detect and block any virus or malware that tries to get to your system.
Bitdefender antivirus scores high on protection according to AV-test. It gets a 6/6 score on its ability to detect malicious ware.
In case your device gets infected with a virus, Bitdefender has two solutions:
- The rescue tool on the antivirus report page.
- The USB rescue tool, in case your device isn't starting at all.
Bitdefender has three main plans varying in features. Their best antivirus plan allows you to use up to 10 devices for $79.99/ year.
- Antivirus: $19.99/ year (1 device), $29.99/ year (3 devices), $69.99/ year (5 devices), $79.99/ year (10 devices).
- Total security: $39.98/ year (5 devices), $44.99/ year (10 devices).
- Internet security: $24.99/ year (1 device), $34.99/ year (3 devices), $84.99/ year (5 devices), $89.99/ year (10 devices)
All plans have 2 or 3 years periods of commitments. In addition, all plans have a 30-day money-back guarantee.
3. Norton 360
Norton 360 is one of the most reliable antiviruses out there. There is no need to question its efficiency in protecting your security with over 50 million users worldwide.
It can easily block many threats and provide you with internet security. It provides protection against phishing emails, viruses, malware, and ransomware. In addition, Norton provides a few extra features, including:
- Password manager: You create a strong vault password after installing the password manager on your proffered web browser. You can use the password generator to create passwords that are hard to crack- they can be up to 64 characters, with any combination of upper-case and lower-case letters, numbers, and symbols.
- Cloud storage: Every Norton 360 plan comes with an easy-to-use cloud storage space to save your essential files. Starting with 10 GB in Norton 360 Standard plan and up to 75GB in Norton 360 Premium plan. In addition, not every antivirus includes cloud storage, so this adds value to your package.
Norton offers three plans:
- Norton 360 Standard: $39.99 per year - one device.
- Norton 360 Standard: $54.99 per year - five devices.
- Norton 360 Premium: $69.99 per year - ten devices.
All plans have a 60-day money-back guarantee.
Get A 65% Discount Off Norton 360 Today!
Read more about the top Antivirus software in 2021, rated and ranked.
How to Turn Off Avast: Step-by-Step Guide
Teen Slang and Text Every Parent Should Know
Phishing Emails Example Guide: Online Safety 101
Virus Scanners & Removers: Best Four in 2021