• Skip to main content
  • Skip to footer

Commonwealth Sentinel

Cyber Security for local government, non-profits and small business

MENUMENU
  • Home
  • About Us
    • Sheri Donahue
    • Leo Haggerty
    • Careers
  • Services
    • Vulnerability and Threat Evaluation
    • Transformation Management
    • CISO Management Services
    • Incident Response Management
  • News
  • Blog
  • FAQs
  • Contact Us

commonsent / April 8, 2021

Five Social Engineering Trends to Watch

Social Engineering isn’t a new field of engineering.  It’s a common thread in nearly all cyber attacks and something all employees – and everyone in general – need to be aware of. Social Engineering is the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.

Basically that means a “victim” is convinced to do something or give up some critical piece of information that a cyber criminal can use against them.  This includes convincing someone to click on a link, open an email attachment or provide requested information.  The “tricks” rely on appealing to the person’s curiosity, greed, fears, sense of urgency or even compassion.

How many times have we warned children not to trust a stranger who asks them to “help find their lost puppy” or tells them “your mom wanted me to come pick you up” before putting them in their car and kidnapping them?

It’s the same in the cyber world…but more prevalent especially when the risk of capture is so low but the reward so high.

These tactics are becoming more sophisticated especially in the days of COVID-19 when more of us are working from home or are more vulnerable to scams involving stimulus checks and other financial rescue.

The top social engineering trends that you should watch out for in 2021 include:

  1. Consent Phishing involves malicious apps that ask a user for permission to provide access to cloud services and other applications from which the criminal can then access other information in the cloud.
  2. Business Email Compromise (BEC) is a major money-maker for criminals. The criminal, posing as a reliable colleague, sends an email or other communication to the subject instructing them to send funds to a bank account that is controlled by the criminal.  The victim assumes it is a legitimate account and transaction believing it is by direction of an authorized co-worker. The average cost of this type of attack is $80,000 – and is going up every year.
  3. “Deepfakes” is a fairly new term that will become more prevalent with the maturity of artificial intelligence.  A deepfake is a video produced by using artificial intelligence to merge, replace or superimpose content onto another video making a fake and often controversial appearing video of a celebrity or politician.  Then someone sees the “video” and is curious to know more about the outrageous content.  They click on it and the phishing attack is in motion.
  4. Nation-state actors are still, and always will be, a prime adversary in cyber crime.  As more people are interacting online, nation-state actors pose as cyber security bloggers and target researchers on LinkedIn.  From the theft of COVID-19 research to control of critical infrastructure control systems, nation-state attacks continue to grow.
  5. Phishing has continued to grow as an attack vector as users click on malicious links or attachments. It has become so profitable that phishing-as-a-service is now a booming business.  Hackers don’t even have to create their own phishing campaigns.  They can simply outsource it.

All of these types of social engineering trends point to one solution. EDUCATION!  The more security awareness training that employees and other users have, the better prepared they are to avoid these traps and protect their information and your company.       

Filed Under: Blog

Footer

CONTACT US

COMMONWEALTH SENTINEL

1230 US Highway 127 S
Suite #5
Frankfort KY 40601
(502) 320-9885

EMAIL US

ABOUT US

Cyber security consulting for local governments, non-profit organizations, and small businesses facing the threats of the cyber world.  At Commonwealth Sentinel, we are passionate about helping people be cyber-safe!

FOLLOW US

  • Email
  • Facebook
  • LinkedIn
  • Phone
  • Twitter
  • YouTube

Copyright © 2023 Commonwealth Sentinel

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT