Social Engineering is steadily increasing as cyber criminals exploit people in tough economic times. A social engineer's main goal is gaining unauthorized access to systems or information in order to commit fraud. Anyone can be a target for social engineers, including small businesses.
In most cases the social engineer never comes face to face with the victim. To help small bysiness falling pray of the social engineering techniques, Google posted a video and a list to help you think carefully before providing a response and make you more confident in your decision before divulging sensitive information.
- Impersonation: They may pose as a repairman, helpdesk tech or trusted third party.
- Name Dropping: They may use names of people from your company/family to make you believe they know you and gain your trust.
- Aggression: They also may try to intimidate you by threatening to escalate to a manager / executive if you do not provide the information/access they have requested.
- Conformity: They may tell you that everyone else has provided the information so it's fine for you to provide the same.
- Friendliness: Over time, they may contact you with an aim of building up a rapport with you. Eventually the social engineer will ask for sensitive information when he/she feels the trust has been built up.