Social Engineering is an approach to gain access to information through misrepresentation.  It is the conscious manipulation of people to obtain information without their realizing that a security breach is occurring.  It may take the form of impersonation via telephone or in person and through email.  Some emails entice the recipient into opening an attachment that activates a virus.

Follow these best practices:

• Before providing information to a telephone caller, check if the individual is authorized to receive that information.
• Employees should report any suspicious calls to the appropriate individual in your organization.
• Before opening an email attachment or clicking on a link, verify it is from someone you know, ensure your anti-virus software is current and that the message in the email makes sense for you to receive.  If all the parts don’t add up, the attachment may contain a virus.  Delete it immediately.

Cyber Security Tips are provided by Multi-State Information Sharing and Analysis Center (MS-ISAC), http://www.msisac.org

Return to Security Tips