Social Engineering Hacks: How to Respond

Incident response teams spend a great deal of their time on infrastructure issues that have nothing to do with hacks, ransomware or phishing. But when those events occur, well managed incident response teams already have strategies and specialists in place to lock down the threat, find its source and limit damage. Audit and risk management specialists are typically responsible for assessing network vulnerabilities and maintaining threat metrics. They are also tasked with ensuring best practices are used throughout the organization. This last responsibility is perhaps the most difficult to enforce and the most essential line of defense against external threats like ransomware.

Audit and risk management specialists across industries and organizations are facing new threats that target social media users. Though progress has been made on the email front, social media networks, particularly Twitter, have been shown to take users off-guard. New best practices must include social media protocols. Visit https://www.pagerduty.com/why-pagerduty/it-operations/ for more information. Here are a few ways to keep your organization and employees protected from malicious links and socially engineered phishing.

Be Wary of Bad Links

At this point in the security game most employees and email users know that links from Nigerian princes and friends stranded in Mexico are most likely phishing attempts. But while savvy users delete theses messages or filter them into spam, hackers are finding vulnerabilities on other platforms. Sites like Twitter use link shorteners which provide a good cover for malicious links. A user might think they are clicking on a generic URL, but in actuality they are taken in by a malicious link. At last year’s DEFCON 24 even security specialists were taken in by malicious bots posting phishing links on Twitter.

Employees should not use social media on company devices or on devices where they also engage with, or store, company information. If this cannot be avoided then employees should never open links directly from social media platforms.

Check Privacy Settings

Another type of phishing that has been making the rounds for at least the past year is spear-phishing. Hackers rely on publicly available personal information to design emails that appeal to specific people. When social media settings aren’t secure hackers are able to find information on relatives, friends and other bits of personal data that can be used to build a users’ confidence in the email and persuade them to click on a malicious link or download a questionable attachment.

Explore the Social Engineering Toolkit

The social engineering toolkit is open source, making it available to anyone who wants to gain access to a specific individual’s passwords and information. It is also used by auditors and risk managers as penetration software. The source code offers users various vectors of attack, from spear-fishing to website to infectious media. Knowing the toolkit’s options allows auditors to experiment with the latest phishing vectors.

Auditors and risk managers who communicate effectively with employees and share information about social engineering will help employees recognize their vulnerabilities and strengthen their security instincts.