What You Need to Know about Social Engineering and Phishing Attack

In general, the internet is useful but there are people who use it to advance their cruel intentions. It is important that you know how to identify attacks and what to do when it strikes. You have to be careful with your transactions online because other people can use it against you. In this particular case, you should know social engineering and phishing attack.


Here are the things that you need to know about such attacks:

What is social engineering attack?

Are you familiar with social engineering attack? This is famous but victims rarely notice they are being used. Social engineering attack is a process where a person uses his/her social skills to gather and collect computer systems information. The person seem to be harmless and respectable. In fact, he/she looks and speaks like a professional but it is just a front. The gathered and collected computer systems information will be used to infiltrate the company or institution.

What is phishing attack?

Have you heard about phishing attack? Phishing is a type of social engineering. In this attack, the person will utilize malicious websites and email to seek personal information. The malicious websites or email may look legitimate (because they pose as an upright organization) but their cruel intentions are deeply imbedded. For example, attackers may pose as a government agency that collects statistics. They will ask personal information (like email address and password) and they will use it to access your accounts.


How to avoid such attacks?

You have to be suspicious in every dealings you make online. You do not see people and you do not know if they are telling the truth so you have enough reason to be doubtful. When you receive unsolicited phone calls or emails, do not yield. If there is someone who is asking about your company’s system and other relevant information, do not give it unless you are certain of the person’s authority. Make sure to confirm it. Do not forget to upgrade your system and maintain your firewall and anti-virus programs.

How to proceed if you are a victim

If you feel that you are a victim of social engineering or phishing attack, you have to act immediately. For example, if you concealed important information about your institution or organization, you have to report it to your network administrators and other personnel. If you revealed financial information, you have to contact your bank or financial institution right away so they can watch your account for unusual activities. More importantly, you need to change your passwords right away when you think that your account is compromised. If you want to be sure, you can file a complaint to the police and let them handle the rest.