Cyber crooks use this dangerous weapon to get at the weakest link: us. They know that the easiest way to penetrate a system is to go after the user, not the computer. “Attacking the human element has always been a favorite,” says Jean-Phillip Taggart, Senior Security Researcher at Malwarebytes. “Why use some hard technical flaw to acquire a password when you can simply ask the user for it?”
In fact, psychological cyber attacks are on the rise. “We are seeing an increase of blended attacks that rely on a combination of social engineering and malicious software,” says Taggart. For example, a popular social engineering tactic is the technical support scam. An alert pop-up will appear on the screen that tells the user he is infected and needs to download a malware application. The user, fearful of infection, will download the fake antivirus or anti-malware application that is instead a vehicle for delivering malware.
So how are the criminals distributing their social engineering schemes? Here are some of the most prevalent forms of social engineering today.