​Inspired eLearning eNewsletter August 2017: Monthly Security Tips | Kent State University

​Inspired eLearning eNewsletter August 2017: Monthly Security Tips

​Inspired eLearning eNewsletter August 2017: Monthly Security Tips

Social Engineering

 

Social engineering is a skill that can be learned, but it is also an instinct. Social engineering is when an individual uses deception to manipulate someone into releasing confidential or personal information that could be used for fraudulent purposes. Individuals with malicious intent will try to take advantage of employees who are too trusting or want to be helpful.

 

Common Social Engineering Tactics:

 

  • Maltego (used for reconnaissance/gathering information)
  • Google Dorking (used for reconnaissance/gathering information)
  • Costume (play a specific role, e.g. new employee, technician, etc.)
  • A friendly attitude or a smile

Tips to Avoid Social Engineering Snares:

 

  • Do not take people in uniforms (e.g. deliver man, technician, cleaning crew, etc.) at face value. Always check their credentials.
  • Do not disclose sensitive information with anyone who does not need access to it.
  • Report anyone who appears to be suspicious.
  • Confirm information with the proper authorities. 

Increasing cyber security awareness among end users and employees is the best tactic in building a strong defense for social engineering. It is a group effort to stay diligent and to stay alert. 

 

Echo Listening Device

 

The Amazon Echo has become an extremely popular smart device all over the world. But, a British researcher has demonstrated how the Echo can be engineered into a listening device. The demonstration showed, with a few modifications, a hacker could the device into a listening tool without leaving a trace of evidence. 

 

When purchasing the Amazon Echo, please ensure that the device is purchased from Amazon or a trusted seller in order to have the latest safeguards and software.

 

Tips for Safeguarding Home Electronics:

 

  • Keep them in secure locations
  • Use strong credentials (username/password)
  • Don`t allow unknown individuals access your private network at home
  • Ensure that your home network is password protected

 

More information about social engineering can be found at Inspired eLearning