Don't call the number! We'll break down this specific socially engineered threat, and offer 3 things your organization you can do to shore up security.
In your effort to protect computer systems and sensitive data, socially engineered attacks need to be on your entire organization’s radar.
Social engineering is the art of manipulating, influencing, or deceiving you in order to gain control over your computer system. According to KnowBe4, only about 3% of malware tries to exploit an exclusively technical flaw. The other 97% instead targets users through Social Engineering.
Here’s the breakdown, so you can be informed:
- A fake blue-screen error
- A fake Windows activation dialog box
- Various fake system errors
- Supposed malware infection or malicious activity
They can also use the following techniques to make their claim more believable:
- Put the image or your browser on full screen, making the error appear as though it’s coming from Windows instead of the web page.
- Disable Task Manager
- Continuously display pop-up windows
- Play audio messages
3 Things Your Organization Can Do:
1. Develop a security policy.
2. Back it up with training.
It only takes one errant click, or one erroneous phone call to comprise data and leave you as yet another victim of a socially engineered attack.
3. Start with an assessment.
Developing a well-managed, properly secured network starts here.