Social Engineering

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Social engineering is a pyschological attack where an attacker tricks you into doing something you should not do – think of it as a “con game”. The concept of social engineering is not new; it has existed for thousands of years. Think of scammers or con artists, it is the very same idea. What makes today’s technology so much more effective for cyber attackers is you cannot physically see them; they can easily pretend to be anything or anyone they want and target millions of people around the world, including you. In addition, social engineering attacks can bypass many security technologies.
 
Keep in mind, social engineering attacks can happen in any form including phone calls, emails, text messages on your phone, over social media or even in person. The key is to know what to look out for – you are your own best defense.
 
Social engineering attacks will in general have the following clues:
  • Someone creating a tremendous sense of urgency. They are attempting to fool you into making a mistake.
  • Someone asking for information they should not have access to or should already know such as your account numbers.
  • Someone asking for your password. No legitimate organization will ever ask you for that.
  • Someone pressuring you to bypass or ignore security processes or procedures you are expected to follow at work.
  • Someone may leave a malware-infected USB near your desk or in your parking lot. You may be greedy and would like to erase and use the flash drive. You may be a good Samaritan and would like to return the device to its owner. When the device is plugged into your computer, malware could be unintentionally installed on your desktop.
  • Something too good to be true. For example, you are notified you won the lottery or an iPad, even though you never even entered the lottery.
  • You receive an odd email from a friend or coworker containing wording that does not should like it is really them. A cyber attacker may have hacked into their account and is attempting to trick you. To protect yourself, verify such requests by reaching out to your friend using a different communications method, such as in person or over the phone.
Note: If you suspect someone is trying to trick or fool you, do not communicate with the person anymore. If the attack is work related, be sure to report it to ICT Services on ext 2236 or support@strathmore.edu.
 
 
Remember, common sense is often your best defense.

 

 

 

© 2023 Strathmore University ICT Services

QUICK LINKS

ICT Regulations

AMS Modules

AMS Login

E-learning Login

ICT Policy

Library

CONTACT US

Central Building

support@strathmore.edu

Ext 2236, 2251, 2157, 2437

+254 703 034000/236

Scroll to Top