Recapping Social Engineering Attacks

A summary of the main red flags to look out for and best practices to implement in defending against social engineering attacks.

Social Engineering Cybersecurity Attacks

Dumpster Diving | Tailgating | Baiting | Impersonation

Work through the summary below to review the definitions of social engineering attacks, the main red flags to look out for, and best practices for defending against them.

Definitions

Dumpster Diving:

Searching through trash for information that could be used in a cybersecurity attack.

Tailgating:

Also known as piggybacking, it takes place when someone without proper authentication follows an authenticated employee into a restricted area. Digital tailgating is requesting the use of a digital resource without proper authentication.

Baiting:

Using a false promise to lure victims into a trap that steals their personal information or infects their system with malware.

Impersonation:

The social engineer impersonates or plays the role of someone you are likely to trust or obey, convincingly enough to fool you into allowing access to your restricted space, to information, or to your network.

Red flags and best practice

Suspicious and out-of-the-ordinary behavior or occurrences are the main red flags to look out for in terms of social engineering attacks. Be especially vigilant in instances where you have won a prize, been given a gift, or received a missed package notification that you were not aware of.

Implement the following best practices to defend against social engineering attacks:

  • destroy any resources and delete all data containing personal information when it is no longer needed.
  • use a firewall to prevent attackers from accessing discarded data.
  • never allow someone without proper authentication into a restricted area or to use your electronic resources.
  • avoid revealing information, especially out of trust, fear, curiosity, or greed.
  • be skeptical about anything out of the ordinary.
  • never plug in a found or gifted USB thumb drive.
  • update and adhere to your organization’s policies and procedures.
This article is from the free online

Cyber Security Foundations: Common Malware Attacks and Defense Strategies

Created by
FutureLearn - Learning For Life
