Recapping Social Engineering Attacks

A summary of the main red flags to look out for and best practices to implement in defending against social engineering attacks.

Social Engineering Cybersecurity Attacks

Dumpster Diving | Tailgating | Baiting | Impersonation

Work through the summary below to review the definitions of social engineering attacks and be reminded of the main red flags to look out for and best practices to defend against social engineering attacks.

Definitions

Dumpster Diving:

Searching through trash for information that could be used in a cybersecurity attack.

Tailgating:

Also known as piggybacking, tailgating takes place when someone without proper authentication follows an authenticated employee into a restricted area. Digital tailgating is requesting the use of a digital resource without proper authentication.

Baiting:

Using a false promise to lure victims into a trap that steals their personal information or infects their system with malware.

Impersonation:

The social engineer plays the role of someone you are likely to trust or obey, convincingly enough to fool you into allowing access to your restricted space, your information, or your network.

Red flags and best practice

Suspicious and out-of-the-ordinary behavior or occurrences are the main red flags to look out for in terms of social engineering attacks. Be especially vigilant when you are told that you have won a prize, been given a gift, or missed a package that you were not aware of.

Implement the following best practices to defend against social engineering attacks:

  • destroy any resources and delete all data containing personal information when it is no longer needed.
  • use a firewall to prevent attackers from accessing discarded data.
  • never allow someone without proper authentication into a restricted area or to use your electronic resources.
  • avoid revealing information, especially out of trust, fear, curiosity, or greed.
  • be skeptical about anything out of the ordinary.
  • never plug in a found or gifted USB thumb drive.
  • update and adhere to your organization’s policies and procedures.

This article is from the free online course Cyber Security Foundations: Common Malware Attacks and Defense Strategies, created by FutureLearn.
