We use cookies to give you the best online experience. By using our website you agree to our use of cookies in accordance with our cookie policy.

croom new

Preferred Blog

Preferred has been serving the Tinley Park area since 1991, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

This Halloween, Dress Like a Hacker and Terrify Your IT Administrator

This Halloween, Dress Like a Hacker and Terrify Your IT Administrator

Halloween is a time when people of all ages dress up as something spooky that they’re really not. For the scariest of hackers, every day is like a reverse Halloween as they try to scam victims by pretending to be someone safe and trustworthy--a persona that they’re really not. This Halloween, don’t get tricked by the haunted hack!

Tricks of this nature are categorized as social engineering, and unlike a child dressed as a ghoul on Halloween, scams of the social-engineering variety are much more difficult to spot. When it comes to protecting yourself from these targeted scams, it’s imperative that you know what to look for. Also, in the same way you check your kid’s trick-or-treat candy for anything that might be harmful, you need to view unsolicited digital communications with a degree of healthy skepticism.

Unfortunately, social engineering tactics like phishing scams work, which is why hackers increasingly use them. This begs the question; why is it that users so easily fall for these scams, even if they’re aware of the security risks? Researchers from the University of Erlangen-Nuremberg in Germany sought to find this out by studying the reasons why people click on malicious links.

The findings were presented by Zinaida Benenson at the most recent Black Hat convention in Las Vegas. Benenson attributed the “success” of a malicious link to the hacker’s ability to understand the circumstances of the scam, and personalizing the link to appeal to their victim. “By a careful design and timing of the message, it should be possible to make virtually any person to click on a link, as any person will be curious about something, or interested in some topic, or find themselves in a life situation that fits the message content and context."

Translation; even with proactive training and education, the best employee could potentially click on a link if doing so fits into their current interests or piques their curiosity. ZDNet uses the example of a partygoer who attended a recent event and then receives an email containing a link to photos of the party. Naturally, the user will want to click on the link, regardless of where it’s from. In this example, the hacker effectively appeals to the natural curiosity of what might be contained within; when coupled with such personalized context, it’s almost guaranteed that they’ll click it.

Another example would be an employee who’s experiencing technical trouble with a workstation. They’ll then receive an email from “tech support” suggesting they click on a link and download remote access software. If the employee is frustrated and they can’t get their PC to work properly, they will follow the email’s instructions for two reasons: 1) The context fits the situation, and 2) People tend to trust tech support.

Like the work it takes to create an impressive Halloween costume, these hacks rely on a level of preparation and cunning by the hackers. This kind of personalized attention makes social engineering scams particularly challenging to protect oneself against.

Essentially, the possibilities for you and your employees to be tricked by spear phishing attacks and end-user errors are limitless, so long as a hacker knows how to appeal to what a user cares about. At the end of the day, having a staff that knows how to spot a trick, and a network that’s free from scary threats, is the greatest treat a business owner can ask for.

Have a safe and Happy Halloween from all of us at Preferred.

Tip of the Week: 8 Upgrades to Facebook Messenger ...
4 Reasons Why You Should Give Office 365 a Try
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, November 28 2024

Captcha Image

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Mobile? Grab this Article!

      Qr Code

      Blog Archive

      Latest Blog Entry

      Imagine giving every single person you work with a key to your house. Would you do it? Probably not, right? What if someone lost their key or had it stolen? You wouldn’t want to take that risk. So, it stands to reason that if you can’t trust the people you work with every da...

      Latest News

      Best Places to Work - 5 YEARS STRONG!!

      Preferred is once again, honored for being a Best Place to Work for the fifth straight year!  Our team is what makes Preferred a Best Place to Work.  

      Daily Herald Suburban Business 2024 Best Places to Work Honorees The Daily Herald Suburban Business has announced the names of 51 companies, in 5 categories of competition, that are honored as the 2024 Best Places to Work in Illinois. This statewide survey and awards program was designed to identify, recognize and honor the best places of employment in Illinois, benefiting the state's economy, its workforce and businesses.