Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revisionBoth sides next revision
security:start [2021/03/25 09:18] – Improve formatting stefansecurity:start [2021/03/25 09:40] – [Social engineering] Expand section stefan
Line 23: Line 23:
 ==== Social engineering ==== ==== Social engineering ====
  
-For social engineering attacks, pay attention to how you react to something. More often than not these attacks will try to elicit an emotional response and then exploit your impulses. +According to Wikipedia, "social engineering is the psychological manipulation of people into performing actions or divulging confidential information". An attacker will try to exploit your reactions to get you to give them information such as personal details or passwords. 
 + 
 +Here are some basic techniques to protect against this: 
 + 
 +  * Be wary of anyone contacting you out of the blue asking "innocent" questions. 
 +  * Never reply to requests for personal information or passwords. No one will ever legitimately ask you for your password, not even for verification of your identity. 
 +  * Reject requests for help or offers of help. An attacker might pose as technical support and offer to "help", but no computer support will contact you unless you have contacted them first. 
 +  * "Break the loop". Most attacks try to force you into a sense of urgency. But what is the rush? Slow down, and always //take the time to think//. If someone is rushing you, that in itself is a major red flag. 
 +  * Ask for verification of identity. Research it, and don't trust it blindly. 
 +  * All offers and prizes or sent to you are fake. ("Get the latest iPhone for only 200 euros", "Fill out these questionswin a ferret"
 + 
 +Pay attention to how you react to something. More often than not these attacks will try to elicit an emotional response and then exploit your impulses.