The primary goal of a social engineer is to obtain computer information from a human target, with the objective of
circumventing the security controls and breaching the system. Security experts consider the user the weakest link in
any security program, because the user can actively decide not to comply with the policies and procedures of an
organization's security program.
Attackers use social engineering tactics to steal the credentials of unsuspecting users and then use those credentials
to their own advantage. Attackers have found that tricking someone into handing over Personally Identifiable
Information (PII) is much easier than attacking their bank account or other accounts directly. Most of the time,
phishing arrives in the form of an email. Here are some things to check before you respond to any email that requests
personal information, banking or credit card details, or other credentials.
- The FROM: field.
  - Is the email from someone you don't know or have no working relationship with?
  - Is the sender from a business you don't have dealings with, even though others in your workplace do?
  - If you know the sender, is it out of character for them to send a message of this nature?
  - Is it usual for the sender to include embedded hyperlinks or attachments in their email?
- The TO: field.
  - Was the email sent to a group of people you don't know?
  - Was it sent to people you do know, but the mix is unusual? For example, everyone's surname begins with 'M'.
- The DATE: field.
  - What time did the email arrive? For example, its timestamp says 1:00 a.m., but you know the person who sent it
    is usually not up at this time of the morning.
- The SUBJECT: field.
  - Does the subject align with the content of the message?
  - Is the subject irrelevant to you?
- The MESSAGE: field.
  - Is the email poorly written and riddled with spelling and grammatical errors?
  - Are you asked to click a hyperlink or open an attachment?
  - Is the message illogical or nonsensical?
  - Is the topic inappropriate or irrelevant to you?
  - Does the email suggest that you look at something compromising or embarrassing?
- HYPERLINKS
  - When you hover your mouse over any hyperlink, is the link-to address different from the one written in the
    email? (The link-to address can be seen at the lower-left of your browser.)
  - Is the hyperlink the only content in the message?
  - Is the business name in the hyperlink spelled correctly?
- ATTACHMENTS
  - Is there a reason for an attachment to be part of the email?
  - Were you expecting an attachment?
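The checks above that do not need human judgement (FROM, TO, DATE, the hyperlink text-versus-target comparison, and
ATTACHMENTS) can be applied mechanically to a raw message. The script below is an added example, not code from the
original article; it uses only the Python standard library. The known-sender domain list, the working-hours window and
both sample messages are constructed assumptions, and the SUBJECT and MESSAGE questions are deliberately left to the
reader.

```python
"""Apply the mechanical parts of the phishing checklist to a raw RFC 5322 message.

Added example, not from the original article. Standard library only; the
sender allowlist, working-hours window and sample messages are assumptions.
"""
import re
from datetime import timezone
from email import message_from_string, policy
from email.message import EmailMessage
from urllib.parse import urlparse

# Assumed local context: domains we already correspond with, and the UTC hours
# during which a known sender would normally send mail (start inclusive, end exclusive).
KNOWN_SENDER_DOMAINS = {"corp.example", "acmebank.example"}
WORKING_HOURS_UTC = (6, 22)

LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)
TAG_RE = re.compile(r"<[^>]+>")


def _host(url_or_text: str) -> str:
    """Lower-case host of a URL, or of bare text such as 'www.example.com'."""
    text = url_or_text.strip()
    if "://" not in text:
        text = "http://" + text
    return (urlparse(text).hostname or "").lower()


def triage(raw: str) -> list:
    """Return checklist findings for one message; an empty list means nothing was flagged."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []

    # FROM: is the sender a domain we have a working relationship with?
    from_hdr = msg["From"]
    sender = from_hdr.addresses[0].addr_spec if from_hdr and from_hdr.addresses else ""
    sender_domain = sender.rpartition("@")[2].lower()
    if sender_domain not in KNOWN_SENDER_DOMAINS:
        findings.append(f"from: unknown sender domain '{sender_domain}'")

    # TO: was it sent to an unusually large group?
    to_hdr = msg["To"]
    recipients = [a.addr_spec for a in to_hdr.addresses] if to_hdr else []
    if len(recipients) >= 3:
        findings.append(f"to: sent to {len(recipients)} recipients at once")

    # DATE: did it arrive at an hour when the sender is normally not active?
    date_hdr = msg["Date"]
    if date_hdr is not None and date_hdr.datetime is not None:
        hour = date_hdr.datetime.astimezone(timezone.utc).hour
        if not WORKING_HOURS_UTC[0] <= hour < WORKING_HOURS_UTC[1]:
            findings.append(f"date: sent at {hour:02d}:00 UTC, outside normal hours")

    # HYPERLINKS: does the visible text name a different site than the real target?
    body = msg.get_body(preferencelist=("html", "plain"))
    html = body.get_content() if body is not None else ""
    for href, visible in LINK_RE.findall(html):
        shown = TAG_RE.sub("", visible).strip()
        # Only compare when the visible text itself looks like an address, not "click here".
        if "." in shown and " " not in shown and _host(shown) != _host(href):
            findings.append(f"link: text shows '{shown}' but points to '{_host(href)}'")
    if LINK_RE.search(html) and not TAG_RE.sub("", LINK_RE.sub("", html)).strip():
        findings.append("link: the hyperlink is the only content in the message")

    # ATTACHMENTS: is there a file we were not expecting?
    for part in msg.iter_attachments():
        findings.append(f"attachment: unexpected file '{part.get_filename()}'")

    return findings


def build_phish_sample() -> str:
    """Constructed message that trips several checklist items (not a real mail)."""
    msg = EmailMessage()
    msg["From"] = '"Acme Bank Support" <support@acme-bank-secure.example.net>'
    msg["To"] = "m.smith@corp.example, m.jones@corp.example, m.brown@corp.example"
    msg["Date"] = "Tue, 02 Jan 2024 01:03:00 +0000"
    msg["Subject"] = "Urgent: verify your account"
    msg.set_content("Your account will be suspended. Visit https://www.acmebank.example to verify.")
    msg.add_alternative(
        "<p>Your account will be suspended. Please visit "
        '<a href="http://acme-bank-secure.example.net/login">https://www.acmebank.example</a>'
        " to verify.</p>",
        subtype="html",
    )
    msg.add_attachment(b"PK\x03\x04 not a real archive", maintype="application",
                       subtype="zip", filename="statement.zip")
    return msg.as_string()


def build_clean_sample() -> str:
    """Constructed message from a known contact that passes every automated check."""
    msg = EmailMessage()
    msg["From"] = "Jane Doe <jane.doe@corp.example>"
    msg["To"] = "m.smith@corp.example"
    msg["Date"] = "Tue, 02 Jan 2024 14:15:00 +0000"
    msg["Subject"] = "Help page for the new login flow"
    msg.set_content("See the help page.")
    msg.add_alternative(
        '<p>See <a href="https://www.acmebank.example/help">www.acmebank.example</a> for the help page.</p>',
        subtype="html",
    )
    return msg.as_string()


if __name__ == "__main__":
    for name, raw in (("phish", build_phish_sample()), ("clean", build_clean_sample())):
        print(name, triage(raw) or ["nothing flagged"])
```

Each finding is prefixed with the checklist field it came from, so the output reads like the checklist itself. A
finding is a prompt to look closer, not a verdict: a real sender can mail at 1:00 a.m. or to a wide group, which is
why the article's closing advice to verify with the sender still applies.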
Take a few minutes and check the email thoroughly
If you get an email from someone, or from a company or organization, you do not know or don't do business with, take a
few minutes to examine the fields mentioned above. If in doubt, even the slightest, delete the message. Don't take a
chance on becoming a victim. After a while, with some experience, you will come to recognize these suspicious emails
and handling them will become second nature. If you receive an email from someone you know and there is something
that just doesn't seem "right", contact the sender and verify that they in fact sent this email to you.
About The Author
Steve Flanigan is an experienced I.T. Network Administrator with several years of Network Security and Administration
in both the Small to Mid-sized Business and Enterprise environments. He has contributed to technical publications and
trains users to become more aware of security issues that can be a threat to network security.
Steve currently wears several hats while working as an I.T. Specialist at a college and as a Network Administrator for
NetAdminWorld, as well as being a blogger for NetAdminWorld and other I.T. organizations.