Blog

Network Synergy Blog

Network Synergy has been serving the Trumbull area since 1988, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

This Halloween, Dress Like a Hacker and Terrify Your IT Administrator

b2ap3_thumbnail_it_on_halloween_400.jpgHalloween is a time when people of all ages dress up as something spooky that they’re really not. For the scariest of hackers, every day is like a reverse Halloween as they try to scam victims by pretending to be someone safe and trustworthy--a persona that they’re really not. This Halloween, don’t get tricked by the haunted hack!

Tricks of this nature are categorized as social engineering, and unlike a child dressed as a ghoul on Halloween, scams of the social-engineering variety are much more difficult to spot. When it comes to protecting yourself from these targeted scams, it’s imperative that you know what to look for. Also, in the same way you check your kid’s trick-or-treat candy for anything that might be harmful, you need to view unsolicited digital communications with a degree of healthy skepticism.

Unfortunately, social engineering tactics like phishing scams work, which is why hackers increasingly use them. This begs the question; why is it that users so easily fall for these scams, even if they’re aware of the security risks? Researchers from the University of Erlangen-Nuremberg in Germany sought to find this out by studying the reasons why people click on malicious links.

The findings were presented by Zinaida Benenson at the most recent Black Hat convention in Las Vegas. Benenson attributed the “success” of a malicious link to the hacker’s ability to understand the circumstances of the scam, and personalizing the link to appeal to their victim. “By a careful design and timing of the message, it should be possible to make virtually any person to click on a link, as any person will be curious about something, or interested in some topic, or find themselves in a life situation that fits the message content and context."

Translation; even with proactive training and education, the best employee could potentially click on a link if doing so fits into their current interests or piques their curiosity. ZDNet uses the example of a partygoer who attended a recent event and then receives an email containing a link to photos of the party. Naturally, the user will want to click on the link, regardless of where it’s from. In this example, the hacker effectively appeals to the natural curiosity of what might be contained within; when coupled with such personalized context, it’s almost guaranteed that they’ll click it.

Another example would be an employee who’s experiencing technical trouble with a workstation. They’ll then receive an email from “tech support” suggesting they click on a link and download remote access software. If the employee is frustrated and they can’t get their PC to work properly, they will follow the email’s instructions for two reasons: 1) The context fits the situation, and 2) People tend to trust tech support.

Like the work it takes to create an impressive Halloween costume, these hacks rely on a level of preparation and cunning by the hackers. This kind of personalized attention makes social engineering scams particularly challenging to protect oneself against.

Essentially, the possibilities for you and your employees to be tricked by spear phishing attacks and end-user errors are limitless, so long as a hacker knows how to appeal to what a user cares about. At the end of the day, having a staff that knows how to spot a trick, and a network that’s free from scary threats, is the greatest treat a business owner can ask for.

Have a safe and Happy Halloween from all of us at Network Synergy.

Tip of the Week: 8 Upgrades to Facebook Messenger ...
4 Reasons Why You Should Give Office 365 a Try
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Sunday, 22 December 2024

Captcha Image

Contact us

Learn more about what Network Synergy can do for your business.

Network Synergy
126 Monroe Turnpike
Trumbull, Connecticut 06611

Network Synergy Corporation BBB Business Review

Best IT Managed Service Providers in Bridgeport aicpa logo net syn

News & Updates

Network Synergy is proud to announce the launch of our new website at www.netsynergy.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Copyright Network Synergy. All Rights Reserved.