Are you worried about social engineering?
That’s the collective name for the tricks that cybercriminals use to make you feel comfortable (or scared, or confused) enough to let slip something that you later wish you’d kept to yourself.
Social engineering tricks start at the bluntly assertive end of the spectrum, such as a phone call claiming to be from your bank that insists, “Please tell me your PIN so I can confirm your identity.”
In the middle of the spectrum are innocent-sounding emails such as, “Your invoice is attached – please click below if there are any errors.”
And at the subtle end, the crooks may be happy to get their information a snippet at a time, for example by saying, “I was trying to get hold of that systems guy from IT, you know, the one with the beard and the Metallica T-shirts, what’s his name again?”
What to do?
Here’s a Facebook Live video featuring two entertaining and informative Sophos experts, James Burchell and Greg Iddon.
Watch our very own dynamic duo right here, as they explain the problem, and teach you how to fight back against social engineers…
If you’d like to hear more from James and Greg (or from other Sophos experts, for that matter) in the relaxed format of Facebook Live…
…please let us know in the comments below!
Bob
It is hard to find the video. I did not succeed.
Paul Ducklin
If the video doesn’t appear inline, perhaps because of your browser settings (note: Flash is *not* required :-), there’s a clickable link just above in in the article.
Here is it as a plain URL, just in case:
https://www.facebook.com/SophosSecurity/videos/10154846767690017/
HtH.
Mahhn
Paul, the link in the article goes to facebook, which is blocked by many companies. and the relink in your post, doesn’t have a link :/
I look forward to seeing it, your group makes fun informative videos :)
Paul Ducklin
The video is on Facebook, so the links have to go there, I’m afraid :-)
I can see why companies might think of blocking Facebook, but it feels very 1999…
(I realise there was no Facebook then, but it feels like a 1999 thing, when IT tended to be much more about defining the rules up front and then imposing them, rather than about figuring out how what the rules should be based on what’s going on.)
Paul Ducklin
Ah, I just realised what you meant by “the relink doesn’t have a link” – WordPress was carefully converting it back into an embedded video. I have now edited it so the URL should appear as text (not as a video or even as a link).
And, no, I can’t explain why your comment would get downvoted, considering that it about as neutral as one can be :-) Our downvote troll has struck again, I suppose.
Mahhn
On Facebook. Our company policy blocks social media (and several non work categories) on work computers. Fortunately we are allowed to give people unfettered internet access on wifi. So people can use their personal devices at work as they wish. We also provide break room computers with full access (less porn).
Regulators/the board/ IT and myself make policies/guide lines, specific people do limited Social Media access, but only as a job function. Knock on wood, we have the least security issues of any place I’ve worked IT for over 20 years, but then again I am the Sec guy now ;) – we have a great work force that gets regular training and understands that our industry (finance) is a major target, so I am fortunate. It might sound 1999, but if your money was here, you’d be glad we are as diligent as we are. :)
Paul Ducklin
Well, it doesn’t sound as though you block Facebook if you provide a way for people to do it under controlled/separate circumstances :-) Sounds like the best of all worlds…