In this guest post for Dynamic Business, Chris Russell looks at how SMBs can outsmart social engineering scams.
Over recent months Symantec has observed a deluge of new social engineering attacks targeting the small business community. These threats are designed to access sensitive business information, including client contact details, credit card data or intellectual property which can be exploited for financial gain.
The leakage of confidential data can be catastrophic for small and medium businesses (SMBs), both in terms of remedial costs and reputational damage. However, to effectively protect against these attacks, SMBs first need to understand what ‘social engineering’ is and the various forms that these attacks can take.
What is social engineering?
‘Social engineering’ is the act of manipulating people into disclosing confidential information or downloading malware. These attacks are often a point of vulnerability for small businesses, whose staff can be tricked into divulging sensitive data or allowing security threats to enter the business network. With social engineering techniques becoming more advanced and constantly evolving, these tactics are increasingly difficult to spot.
Traditional social engineering attacks include the use of phishing sites to trick users into giving away their personal or business information. These sites are often designed to resemble the login pages of popular websites. In a recent example, phishers spoofed the pages of a celebrity information website, asking for login credentials before providing additional content about popular celebrities. Users who fell victim to this scam had their confidential information stolen for identity theft purposes.
Cybercriminals also use news events as a way to spread social engineering attacks. Recently the death of Muammar Gadhafi was the subject of spam emails which encouraged recipients to click on a malicious link. Users who fell for this scam at work downloaded malware to business computers, enabling cybercriminals to access the corporate network.
To make malicious links more difficult to spot, spammers frequently shorten hyperlinks to websites so that the full domain name is not obvious. These shortened links are useful for messaging technologies where the length of communications is restricted. However, cybercriminals use shortened links to disguise the web domains of malicious sites.
Shortened URLs are included within spam mail, using subject lines designed to attract attention and arouse the recipient’s curiosity enough to click through. The use of shortened URLs is so widespread that spammers have even set up their own publicly available shortening services.
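As an added illustration (not part of the original article, and not code from any Symantec product), the following Python example shows how a mail filter could surface shortened links in an incoming message so they can be held for review before anyone clicks them. The shortener host list and the sample message are constructed assumptions, and the list is not exhaustive.

```python
import re
from email import message_from_string
from urllib.parse import urlsplit

# Illustrative, non-exhaustive list of public shortening services (assumption).
SHORTENER_HOSTS = {"bit.ly", "tinyurl.com", "t.co", "ow.ly", "is.gd"}

URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)

def extract_urls(raw_message):
    """Return every http(s) URL found in the text parts of an email."""
    msg = message_from_string(raw_message)
    urls = []
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        payload = part.get_payload(decode=True) or b""
        charset = part.get_content_charset() or "utf-8"
        text = payload.decode(charset, errors="replace")
        # Drop sentence punctuation that the regex swallowed at the end.
        urls.extend(u.rstrip(".,;") for u in URL_RE.findall(text))
    return urls

def flag_shortened(raw_message, shorteners=SHORTENER_HOSTS):
    """Return (url, host) pairs whose host is a known shortening service."""
    flagged = []
    for url in extract_urls(raw_message):
        host = (urlsplit(url).hostname or "").lower()
        if host.startswith("www."):
            host = host[4:]
        if host in shorteners:
            flagged.append((url, host))
    return flagged

# Constructed sample message (not taken from a real campaign).
SAMPLE = """\
From: news@example.com
To: staff@example.org
Subject: Breaking news video
Content-Type: text/plain; charset=utf-8

Watch the footage here: http://bit.ly/EXAMPLE1
Company intranet: https://intranet.example.org/news.
Mirror: https://www.tinyurl.com/EXAMPLE2
"""

if __name__ == "__main__":
    for url, host in flag_shortened(SAMPLE):
        print(f"hold for review: {url} (shortener: {host})")
```

A static host list cannot catch shortening services that spammers run themselves, so a filter of this kind complements, rather than replaces, resolving the link's final destination at the mail or web gateway.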
It is also worth noting that scammers are consistently evolving their social engineering attacks to catch out unsuspecting victims. Over recent months even the office printer has been used to disguise cyberattacks! Cybercriminals have crafted emails that look as though they come from a smart printer and are being forwarded by a colleague in the same organisation. This creates a false sense of security, encouraging users to open attachments which contain malware, enabling security threats to access the business.
How to avoid social engineering tactics
Since the beginning of 2010, 40 percent of all targeted attacks have been focused on SMBs, compared to only 28 percent directed at large enterprises. This is most likely because scammers do not expect SMBs to have in place the same level of security infrastructure as their enterprise counterparts.
However, SMBs are not aware that they are the primary focus of cyberattacks. In fact, a recent Symantec poll found that half of local SMBs think that they are not in danger because they are a small company. Instead, the perception is that only large enterprises have to worry about cyber attacks.
Because SMBs don’t see themselves as targets, many of them are failing to take basic precautions to protect their information. More than half (61 percent) don’t use antivirus on all desktops, and 47 percent don’t use security on mail servers or services.
With the threat landscape evolving at a rapid pace, it is vital that SMBs recognise the risks and put measures in place to protect their sensitive information. Luckily, there are simple steps SMBs can take to protect against cyberattacks:
- Educate employees: SMBs must educate employees about the risk of social engineering and ensure they are following these guidelines:
- Use common sense: Delete dubious attachments, especially if they are from an unrecognised source. Additionally, do not click on links in messages that seem strange or out of character, even if they appear to be from a known ‘friend’.
- Be careful with e-mail attachments and links: Scan all incoming e-mail attachments for malware, even if employees recognise and trust the sender. This will reduce the risk of malicious code accessing the network because it appears to be from a familiar source.
- Use a reliable security solution: Today’s security solutions—whether delivered as software or cloud services—do more than just prevent viruses. They scan files regularly for unusual changes in file size, programs that match the software’s database of known malware, suspicious e-mail attachments and other warning signs.
When choosing a security solution, it is important for small businesses to use a defense in depth approach. This is because multiple layers of protection will identify and address a greater number of threats. In addition to desktop based security solutions, SMBs should invest in cloud based filtering services which stop threats at the internet or email layer – preventing them from entering the business network.
This type of comprehensive approach is the most important step a small business can take toward keeping computers clean of malware.
- Stay up to date: A security solution is only as good as the frequency with which it is updated. New viruses, worms, Trojan horses and other malware are created daily and variations of them can slip by software that is not current. The good solutions make this seamless, but if you want to alleviate this burden altogether, you can also use a cloud based service, which will automatically update over an internet connection to help keep employees safe whether they are in the office or on the road. By using cloud based solutions SMB owners can rely on security experts to protect their information, allowing them to focus on running the business.
By following these simple guidelines SMBs can ensure that their staff understand the dangers of social engineering attacks as well as providing a solid layer of internet security. SMBs looking for advice on which security solution to implement should talk to a trusted IT partner which can match an appropriate solution to their business needs.
– Chris Russell is SMB Manager at Symantec.cloud