Social Engineering is a funny term in my mind. It sounds so official; like someone goes to college and studies to earn a degree in it. In reality, the term in itself is a depiction of its meaning. Social Engineers are liars, scammers, cheats, con-artists, etc. The term Social Engineer glorifies the action of lying to someone in a way that you’ll get what you want.
Now, with such a negative introduction, I should say that I’m an engineer. No, I didn’t go to college and get a degree in chemical, electrical, mechanical, civil, or computer engineering. However, I have done my fair share of social engineering. Oh, and just for my credibility purposes (as if it matters), I went to school for Information Security and Forensics; a souped-up hybrid of computer engineering and information technology with a constant twist of security.
What’s my point with all of this? Liars are forever. So, what’s the solution? Awareness. Fraud Watch International has a pretty solid site that keeps up with current phishing attempts. You can sign up to get alerts sent to your email about new phishing attempts found in the wild. If you’re into RSS feeds you could also add it to that for quick situational awareness updates.
Here’s another simple solution. Google has a pretty solid spam filter on their gmail addresses. Head over to your Spam folder and check out what’s in there. You’ll be pretty surprised at what you find. While there will be plenty of bad ones anyone should spot, you may find one or two really good ones that you should be thankful Google blocked.
Overall, the idea is that everyone needs to remain aware of what’s going on. It’s easy to compare it to plumbing or electricity where you have a specialist come and fix it for you whenever you have a problem. But, there aren’t people actively trying to hack into your sewage or electrical system. Computers are too accessible and honestly, too easy, to neglect and act like they aren’t integral to our every day business.
Please, remain aware. A little paranoia never hurt anyone.