Social Engineering Targets Employee Vulnerabilities
Hikvision on Learning to Identify Phishing Attacks, Reduce Risk and Security Concerns
Social engineering is a trending cyber threat that targets employees, seeking to exploit vulnerabilities. This method is covered in the SecurityInfoWatch.com (SIW) story, “Social engineering cyberattacks and how they’re impacting businesses.”
Cybercriminals target employees to exploit company data with social engineering. It doesn’t require a sophisticated understanding of an organization’s IT infrastructure or network.
From the article: “Most cybercrime techniques revolve around finding and exploiting weak points in a company’s digital infrastructure. Social engineering is different in that it targets employees, not the network itself. Since worker mistakes and misbehavior are the leading cause of data breaches, this method can be painfully effective. Social engineering attacks are typically more psychological than they are technological. Instead of using sophisticated hacking techniques or in-depth knowledge of computers, they rely on tricking people into giving away information.”
Social engineering is directly impacting businesses in several ways:
- In 2019, cybercriminals stole $1.7 billion through business email compromise (BEC), a type of phishing attack that aims to trick the victim into sending money to the attacker. Read more about BEC in this Hikvision blog.
- Each successful social engineering attack costs organizations an average of $130,000.
- Many of these attacks target customers by using phishing attacks to install malware.
Phishing is a subset of social engineering accounting for 25 percent of 2019 security breaches, according to the SIW article. Learning to identify phishing attacks can empower employees to know when an email is a threat, helping to reduce security concerns. Read this Hikvision blog to learn more about phishing and identify basic and advanced phishing attacks: “Hikvision Senior Director of Cybersecurity: Identifying Phishing Attacks, Three Advanced Phishing Tactics Explained.”