Bad actors manipulate the following four emotions most frequently:

Fear – Malicious actors commonly use fear to manipulate victims because it is one of the most powerful of human emotions.  For example, a phony email stating that your online bank account has been compromised and requires a new password will likely elicit fear.

Greed – Let’s face it, most of us have had a few greedy moments.  It’s only human.  For this reason, social engineers find it a successful tool.  A good example is the notorious “419 Nigerian scam,” in which cybercriminals claiming to be a Nigerian official promise a large reward for a small sum of money.  Even today, the lure of easy money causes folks to fall for the ancient con.

Helpfulness – From a young age, most of us are taught to be helpful and obedient.  This willingness to help others is used against victims by social engineers.  For example, criminals seek out customer service agents because their helpful mindset makes them easy targets.

Curiosity – Curiosity is exploited when attackers promise something of interest to deceive victims.  It might be as simple as an email saying, “Your Amazon purchase for $825 is ready to ship; click here to view your order.”

Protect yourself and your workplace

How can you protect yourself and your employer from a social engineering attack? Knowledge is power. Stay up to date on the latest scams.  And heed the basics:

Use antivirus software, firewalls, and email filters.
Never open emails whose sender you do not know.
Don’t open attachments in emails of unknown origin.
Do not provide personal information or information about your organization without verifying the legitimacy of the request.

© National Security Institute, Inc. www.nsi.org