Donna realized her mistake as soon as it happened, but it was too late.
At 75, Donna was pretty tech-savvy: she kept up with the grandchildren on GooglePhotos, stayed away from Facebook and its data mining, and used her phone to text, laughing at the awful autocorrect messages that arise every-so-often.
Then, she gave away her computer password to a hacker.
“I knew better! I knew it was fishy, but I just wanted my computer fixed, too, and I guess I wanted to believe them. I feel so stupid.”
But Donna has nothing to feel stupid about. She was a victim of social engineering, hackers who prey on their victims by anticipating normal, natural human behavior.
It all started when Donna was locked out of her Yahoo! account. Frustrated and without access to help, she did the next natural thing in today’s society.
“I Google-searched for Yahoo! customer support, found their webpage, and called in.”
But the web page was a ruse and hackers answered her call.
Donna did everything right: she followed her instincts to seek help, called the number provided, vetted the number with an online search, and assessed the validity of the individual on the other end of the line who assured her “Yahoo! is very concerned about our customers’ security.” It all tracked and seemed official, and she had no way to know she had been connected to hackers.
The hacker said all the right things: he talked about security, he decried hackers, he quoted company lines that seemed to represent Yahoo!. He knew the ways to break down her defenses. He socially engineered the attack against Donna’s computer by playing on her fears and addressing her concerns.
The “customer service” rep directed Donna to download their troubleshooting software patch as a ‘fix,’ and she was asked for her password so they could launch it for her. Donna had a nagging feeling about it, but her need for help and to restore her system overpowered her slight prickling of instinctive resistance. The hackers counted on this, and it worked.
Donna is the perfect example of a victim of social engineering. Despite her advanced knowledge about security, her desire for help led her right to a hacker who was prepared with tactics to address her needs and feelings so that she would reveal her security information.
Once Donna engaged with the fake customer service site, there wasn’t much she could have done to avoid the manipulation. Had she known that hackers are no longer shadows in the dark, maybe she would have been more alert to the dangers.
The key to avoiding becoming a victim of social engineering is awareness of social engineering. Hackers will sound and act like empathetic, concerned, and legitimate authorities. They go to great lengths to establish a rapport with their victims: realistic web pages, real working phone numbers, and soothing customer service reps.
Stop imagining hackers as elusive, shadow-figures who come after you. Prepare yourself against hackers who set traps and use lures designed to work with your personality and human nature. Protect yourself with security that keeps passwords impossible to give away easily like those created by a Password Vault and that can save your system from a hostile takeover.
You’ve just read how easy it is to become a victim of social engineering. You know how to prepare yourself against these hackers by staying vigilant for social engineering tactics like fake web pages, seemingly realistic phone numbers, and slick customer service reps. But you can’t stop there. You must take a few other steps to secure your network.
Here at ABL Computers we help make sure you take the necessary steps to ensure your network is set up to protect against hacking. Visit our network security page to learn more about the important steps you need to take to secure your network and keep hackers at bay.