A social engineering attempt to compromise a company’s IT system is likely to be a “classic case of social engineering”, a report has warned.
The report, published by the IT security firm Symantec, said social engineering was a “dangerous” technique which could be used to steal personal data or compromise business systems.
“In some cases, social engineering will succeed in getting your information and data compromised,” said the report, titled “How to protect yourself against social engineering”.
The report also highlighted how a social engineering attacker could steal your credentials, use them to create fake websites or steal your identity, all of which could compromise the security of the company.
“There is a risk that social engineering can be used in a way that compromises business systems, but we’re not seeing that yet,” said Matthew Whelan, chief research officer at Symantech.
“For the most part, we are seeing a much smaller risk of social engineer attacks.
But there are still a lot of organisations who have not yet seen the impact of social engineers,” he said.
The research firm said social engineers often target small, vulnerable organisations such as healthcare, banking and healthcare support, which they can access remotely or via social media.
“Social engineering attacks are a form of cybercrime, and they are becoming increasingly prevalent as more organisations adopt new security protocols and policies,” the report said.
“They’re targeting organizations that are less vulnerable and can be easily compromised.
It’s important that organisations know how to protect themselves from social engineers, and to stay up-to-date on their security best practices.”
Social engineering was first identified in the US in the 1990s.
It involves the sending of targeted emails, text messages or texts with a targeted message or image, and a target person’s password is sent as part of the attack.
Social engineers often create fake identities to trick targets into handing over personal information.
The attackers may use the fake identity to gain access to the target’s account.
Social engineering is now widespread across the world, with researchers finding that more than 40 per cent of cyber attacks in the past two years have been carried out using social engineering.
“The threat posed by social engineering has been increasing over time,” said SymantEC’s Whela.
“It is often more targeted than previously thought, with the use of new tools like phishing, spear phishing and social engineering techniques, such as impersonating targets.”
These attacks can be conducted using any of a variety of online platforms, and there is no single method that can be the only option.
“We have to keep an eye out for any social engineering activity that we see, and we need to be vigilant about the risks.”