| main | ongoing | archive | private |
- how to identify social engineering
- someone contacts you, gains your trust, and then makes you perform an action. Pretexting: gathering personal info under false pretenses (GLBA prohibits this). 3 indicators: 1, request from a stranger to perform a suspicious activity (like granting access to documents or reveal the contents of internal discussions), 2, sense of urgency and pressure to complete the task immediately (so you don't have time to think or verify), 3, anger or hesitancy if you ask for proof of identity.
- how to defend against it
- 1, challenge the requester's identity (who are they and where is the request coming from), 2, verify the suspicious request with your supervisor (especially requests re financial or control changes , 3, slow down or pause the interaction.
oct 22 2024 ∞
oct 22 2024 +
oct 22 2024 +