When it comes to the virtual world, we’re a little too trusting and cybercriminals know it. A new report from Proofpoint shows cybercriminals are skipping fancy hacking tools in favor of simple tricks to get people to hack their own networks or infect their computers. Social engineering is now the top cyber security threat, replacing automated tools in the Top 10 list of social engineering ploys.
Where are the threats hiding?
Phony social media accounts—free and easy for cybercriminals to create—are a major factor in social engineering attacks. Proofpoint says around 40 percent of Facebook accounts and 20 percent of Twitter accounts claiming to represent a Global 100 brand are unauthorized. Dropbox and Google Drive accounts are also big targets, accounting for nearly half of all credential phishing attacks. (A simple fix: give users continuous endpoint backup to lessen the temptation to move sensitive data into vulnerable public cloud spaces.)
Cybercriminals are preying on the end user’s use of shadow IT too—creating phony “free” clones of popular apps that are capable of stealing data, creating backdoors and more. Proofpoint found that 2 in 5 enterprises are affected by these phony apps, and the Android app store contains more than 12,000 of these malicious applications.
Preying on our emotions
Wherever they’re hiding, social engineering attacks emerge from the shadows to prey on powerful human emotions. They prey on greed by promising free giveaways, contests and sweepstakes, and great deals, like free apps. They prey on fear by sending urgent messages warning of an imminent threat and demanding immediate action, or giving employees phony orders from higher-ups in so-called “gofer” attacks. They even prey on basic human decency with the good old, “I’m in a tough spot and need help/money” scam.
And social engineering attacks hit at times when we’re most susceptible: at the beginning and end of the workday, when we’re shuffling through messages; or before a major holiday when we’re hurriedly tying up loose ends and dreaming of vacation. In essence, social engineering preys on our humanity—and turns insiders into unwitting attackers.
Mitigating the risk
Educating end users about the dangers of social engineering can help, but awareness only goes so far. We’ve all heard, “Don’t click that link, don’t open that attachment, and only download approved apps,” and yet, we continue to do so. Even Google is trying to keep people from hacking themselves; it recently released a new feature that warns searchers of suspicious social engineering content. But people will always make mistakes—whether motivated by greed, fear, distraction, good intentions, or lack of information. There has to be a solution besides awareness and education.
Visibility is key
If human mistakes are inevitable, how does the enterprise protect itself from increasing social engineering threats? Proofpoint nailed it: “Get better visibility.” Mitigating social engineering threats requires faster insider threat detection and breach remediation to “stop the bleeding.” This is impossible if your people are working on untethered endpoint devices without endpoint backup in place. Endpoint backup can illuminate how the data moves to and from users’ endpoint devices, allowing you to recognize users’ mistakes and limit the damage.
Fighting social engineering is just like fighting other forms of insider threat. Rather than focusing on the integrity of your people, focus on the integrity of your endpoint data.