What You Can Do Against Social Engineering

 

What You Can Do Against Social Engineering 

Here are some things that you can do to prevent falling right into a social engineering trap, or minimize any damage done by any social engineering attack:

     1. Prevent the Single Point of Failure 

The more interdependent your accounts are, the more vulnerable you are to an attack. Make sure that you avoid putting all your eggs in one basket – don’t use a single email account when authenticating other accounts that you are using, or use a separate email for password recovery. 

   2. Use different logins for every account that you are using and make sure that your passwords are secure 

Make sure that you never make it a point to use a password more than once. In a similar vein, see to it that you are also using passwords that are very difficult to guess.

  3. Always make use of two-factor authentication 

Use another device or account when authenticating your accounts – this makes it harder for thieves to hijack your accounts.

   4. Be creative when creating security questions 

Don’t go for the obvious questions and answers when it comes to creating security questions for your accounts. See to it that all security questions and answers are hard to guess

   5. Secure your banking credentials 

If you should shop online or leave banking details on a website for ease of access, see to it that you check the security protocol of the website. In the same vein,see to it that you do not use debit cards when making a purchase – once your banking information is discovered by a social engineer, it makes it a lot easier for him to empty your entire bank account once he launches an effective phishing attack. 

   6. Always pay attention to your personal data and the accounts that you are using 

See to it that you regularly check activities on all your accounts. If you have a social media account that you are not using anymore, delete it to avoid leaving a vulnerable account that can possibly be breached since you are not actively checking it from time to time. At the same time, see to it that you also check all online banking accounts and emails regularly to see if there is any suspicious activity or phishing attempt done

   7. See to it that your information is removed from public databases 

See to it that you regularly check activities on all your accounts. If you have a social media account that you are not using anymore, delete it to avoid leaving a vulnerable account that can possibly be breached since you are not actively checking it from time to time. At the same time, see to it that you also check all online banking accounts and emails regularly to see if there is any suspicious activity or phishing attempt done.

   8. Be responsible for your digital garbage. 

If you need to throw out any item that may contain any information about you, see to it that it is destroyed completely to avoid any social engineering attack through dumpster diving.

The best way to avoid being targeted by social engineers is to have healthy scepticism and to exercise vigilance, especially when you are asked to give away private information. Remember that whenever you are asked to fill up a form or even provide a seemingly non-confidential detail to anyone, unless you can verify the identity of the one who is contacting you. At the same time, remember that even managers, IT personnel, or co-workers are not supposed to know what your passwords are.

Exercise the same caution when you are providing access to your devices or anywhere near the system that you intend to protect. Make sure that every person that comes near your phones, tablets, or workstations are people that you know.