November Tips

Avoiding Social Engineering and Phishing Attacks

What is social engineering?

When someone uses human interactions to obtain or compromise information from a person or organization, it’s called social engineering. By asking questions of the right people, he or she may be able to piece together enough information to gather private personal information or infiltrate an organization’s network. It’s a very common way to attack because it doesn’t rely on the ability to hack into the network.

What is a phishing attack?

Phishing is a form of social engineering. Phishing attacks use email or malicious websites to pose as a trustworthy organization to lure you into sharing information that can then be used to access your account.

Phishing attacks may also appear to come from other types of organizations, such as non-profits. Another tactic is to take advantage of current events such as the COVID-19 pandemic to trick you into donating online, exposing your financial information.

Here are some indicators of a phishing attack: