It’s a bit of a mouthful and may not sound as familiar as “hacker” or “data breach,” but social engineering fraud is just as insidious and can be just as costly to a business. This growing threat does not discriminate and is affecting businesses of all sizes. If you have employees, then your business faces a potential loss due to social engineering fraud.
Social Engineering Explained
Social engineering fraud is a sophisticated “phishing” attack that attempts to intentionally mislead employees, convincing them to send money or divert a payment to a source that turns out to be a criminal. The contact can attack via phone or letter, but most often invades your system by email.
Unlike a normal phishing attack, social engineering fraudsters take a much more targeted approach. They pretend to be a vendor, client, or even another employee by attempting to make their communications look as official and routine as possible. On the surface, the communication appears entirely legitimate, and if the imposter has rudimentary hacking skills, he can even make these emails seem as if they are part of an existing thread.
The targeted employee, often bombarded by emails, may not think twice about the request and follow through, especially if it’s somewhat in line with standard operating procedures.
5 Steps to Prevent an Attack