In this article, I will explain what is social engineering.
Social engineering is a term used in cybersecurity to describe situations of trickery. It is used by cybercriminals to gain either your confidential information or your money. Typically hackers will gain access to an email account within a firm and monitor the user’s email habits. We often see that the accountant, controller or CFO is the individual hackers will target due to their proximity to the firm’s money. Hackers may stay silent within an email account for months to learn the user’s habits, contacts, their level of authority within the firm, and other characteristics which they will later mimic for their gain.
You’ve heard about the stories of a CFO getting an email from their CEO asking for them to wire a large amount of money to a new account quickly so they can make something happen, like a new deal they’re working on, or to put a deposit on a machine, or similar. An unsuspecting CFO does the wire and only learns later that it was a sham. Unfortunately, the wire is gone and so are the funds. In this example of social engineering, hackers tricked the CFO into parting with the company’s money and deposit it into the hacker’s account. The account receives the money and is quickly closed, once hackers can cash out the funds.
In this video, I discuss the scheme of social engineering in greater detail and gives ideas on how to protect yourself and your company. One false assumption by any employee in your firm can result in a serious loss of money.
Want to learn more about how we help businesses of all sizes with cyber risk control services and cyber insurance? Why not give me a call. I think you’d be amazed at how simple, easy and affordable cyber insurance can be for your business.