Hacking the amygdala with social engineering | ALC Training News
- No comments
On the bus trip to enjoy your shopping, a lovely young man sits next to you.You strike up a conversation and are happy to find you have similar interests. He also owns a dog, the same breed as yours, and he even demonstrates a love of the same films and sports.
You’re surprised to find out that you both grew up in the same area of the city, and you give the young man your phone number when he asks if you’d like to see the new Star Wars film next week. As you get off the bus, you wave goodbye and carry on with your shopping journey.
Before you can make your first purchase that day – perhaps even prior to entering the shopping centre – your email and social media accounts are compromised and your bank account is emptied.
Congratulations. You’ve become another unsuspecting addition to the statistics of social engineering.
Emotional extortion of information
Humans have long been the easiest targets for anyone wishing to compromise an information system. We don’t actively seek to accuse everyone of deception – if we did, our daily lives would be a paranoid mess – but this noble part of our psyche is also its greatest opportunity for exploitation.
Hackers – or anyone wishing to manipulate another person into revealing something – employ these tactics by targeting the vulnerabilities in our emotional response. In the example above, we see a few pieces of common password information change hands; pets and their breeds and names, favourite films and sports, and the area you grew up in.
By giving the hacker the bonus information of your phone number, they have everything they need to attempt a password crack on your accounts.
Humans have long been the easiest targets for anyone wishing to compromise an information system.
Passwords appearing closer to sudoku
SplashData has complied it’s annual Worst Passwords list in a continued attempt to bring light to the lax security around many individuals’ security. According to the data, “123456” and “password” are still the two most commonly used, with the rest of the list looking equally shocking.
As websites and apps demand greater security – with most passwords now requiring 8 digits or more – “12345678” has risen to third place, showing that, despite the attempt for increased protection, users are still falling short on their side.
Also on the list were the familiar sports themes of “football” and “baseball” alongside newcomers “letmein”, “passw0rd”, and “starwars”.
The faceless crime of identity theft
But even with a weak password and a friendliness toward strangers on the bus, you may still be wondering what anybody could want to break into your life for.
Identity theft can lead to hackers opening false bank accounts or making online purchases in your name. Even worse, recent scandals show that our most private photos and information in the cloud is able to be compromised. Blackmail of any sort can lead an individual to divulging political, business, or individual information.
A report by software company Symantec revealed that more than 550 million identities were exposed online. Looking at this figure, it’s clearly more important than ever to ensure your online identity and information are kept safe from attack.
Protecting the information core
Your brain is the most powerful weapon against cybercrime. By recognising the potential warning signs of social engineering techniques, you can keep your identity and financial details secure.
Effective training is one way to identify and eliminate these social engineering threats. Reach out to ALC Training today and find out how information security training courses can turn your brain into a mental Fort Knox.
- ALC’s Cyber Scholarship Program – A Community Support Initiative
- ASD scraps Cloud Security Certification Program – Now What?
- Cybersecurity in your pocket: The essentials of mobile malware
- Where to Start with Digital Transformation?
- InfoSec Skilled Workforce Shortfall – Reality?
- What is the Office 365 Security & Compliance Centre?