Avoiding Common Social Engineering Threats On AAPK

A place to ask and answer "How do I" questions and post tips & tricks that make your AAPK experience easier and more pleasant. Some little thing that you do all the time and take for granted may be an "aha moment" for a new or maybe even a veteran AAPK user.
Post Reply
User avatar
bestgear
Silver Tier
Silver Tier
Posts: 3238
Joined: Tue Apr 17, 2012 6:58 pm

Avoiding Common Social Engineering Threats On AAPK

Post by bestgear » Wed Jul 20, 2022 12:26 am

As social engineering attacks continue to grow in sophistication and frequency, each of us on AAPK should look to educate ourselves as a first line of defense. Learning how to recognize and avoid social engineering attacks could save a lot of pain and heartache.

Social engineering is a non-technical strategy cyber attackers use that relies heavily on human interaction and often involves tricking people into breaking standard security practices. The success of social engineering techniques depends on attackers’ ability to manipulate victims into performing certain actions or providing confidential information. Today, social engineering is recognized as one of the greatest security threats facing organizations like AAPK. Social engineering differs from traditional hacking in the sense that social engineering attacks can be non-technical and don’t necessarily involve the compromise or exploitation of software or systems. When successful, many social engineering attacks enable attackers to gain legitimate, authorized access to confidential information.

Social engineers are a modern day form of fraudsters or con artists. They may attempt to access computer networks or data stores by gaining the confidence of authorized users or stealing those users’ credentials in order to masquerade as trusted insiders. It is common for social engineers to rely on the natural helpfulness of people or to attempt to exploit their perceived personality weaknesses. For example, they may call with a feigned urgent problem that requires immediate attention. Social engineers have been known to appeal to vanity, authority, greed, or other information gleaned from eavesdropping or online sleuthing, often via social media and forums like AAPK.

Cyber criminals use social engineering tactics in order to convince people to open email attachments or embedded links infected with malware, persuade unsuspecting individuals to divulge sensitive information, or even scare people into installing and running malware or steal data.

Social engineering is a serious and ongoing threat for AAPK and the great hope that s that nobody falls victim to these cons. Education is the first step in preventing AAPK forum members from falling victim to savvy attackers employing increasingly sophisticated social engineering methods to gain access to sensitive data.

In short, DO NOT open any links in a suspect posting as they may be infected with malware. Continue to report suspected social engineering attacks and the AAPK Administrators will act appropriately.
Tom
AAPK Administrator

Live simply. Love generously. Care deeply. Speak kindly. Leave the rest to God.

wiseguy
Posts: 1000
Joined: Sun Jul 22, 2012 4:46 pm

Re: Avoiding Common Social Engineering Threats On AAPK

Post by wiseguy » Wed Jul 20, 2022 12:37 am

Thanks 🙏 I’m pretty careful but had no idea.

User avatar
1967redrider
Gold Tier
Gold Tier
Posts: 12473
Joined: Wed Feb 02, 2011 4:23 pm
Location: Alexandria, VA
Contact:

Re: Avoiding Common Social Engineering Threats On AAPK

Post by 1967redrider » Wed Jul 20, 2022 12:50 am

Great post, Tom. We have monthly cyber security sessions at work.
Pocket, fixed, machete, axe, it's all good!

You're going to look awfully silly with that knife sticking out of your @#$. -Clint Eastwood, High Plains Drifter

User avatar
bestgear
Silver Tier
Silver Tier
Posts: 3238
Joined: Tue Apr 17, 2012 6:58 pm

Re: Avoiding Common Social Engineering Threats On AAPK

Post by bestgear » Wed Jul 20, 2022 12:55 am

1967redrider wrote:
Wed Jul 20, 2022 12:50 am
Great post, Tom. We have monthly cyber security sessions at work.
TY John - I’ve been doing this since 1978 when Ross Perot gave me my first job at EDS and education really is the answer - Bryan and the forum software providers can only do so much.
Tom
AAPK Administrator

Live simply. Love generously. Care deeply. Speak kindly. Leave the rest to God.

User avatar
Madmarco
Gold Tier
Gold Tier
Posts: 5412
Joined: Wed May 20, 2020 12:09 am
Location: Smack dab in the middle of Canada

Re: Avoiding Common Social Engineering Threats On AAPK

Post by Madmarco » Wed Jul 20, 2022 1:18 am

When I logged-in just now I noticed that on the URL line where it usually has a padlock there's a security shield with a check mark inside it and the words "Added security", I assume that was done to help battle this current S/E threat? It's really nice knowing that Bryan and all the mods are staying on top of this problem and trying to keep us all safe. Thanks guys! ::handshake:: 8) EDIT: My apologies for posting this, upon browsing another site today I see the "Added Security" displayed there as well, so it's not just AAPK and must be something with my browser alone. 8) 2nd EDIT: Well, as usual I leaped before I looked and discovered today that some sites are showing the "Added Security" and some are still just the padlock, so what's going on has me baffled. ::shrug:: 8)
8)

User avatar
cudgee
Gold Tier
Gold Tier
Posts: 5269
Joined: Thu May 16, 2019 7:21 am
Location: Victoria. Australia.

Re: Avoiding Common Social Engineering Threats On AAPK

Post by cudgee » Wed Jul 20, 2022 1:34 am

bestgear wrote:
Wed Jul 20, 2022 12:26 am
As social engineering attacks continue to grow in sophistication and frequency, each of us on AAPK should look to educate ourselves as a first line of defense. Learning how to recognize and avoid social engineering attacks could save a lot of pain and heartache.

Social engineering is a non-technical strategy cyber attackers use that relies heavily on human interaction and often involves tricking people into breaking standard security practices. The success of social engineering techniques depends on attackers’ ability to manipulate victims into performing certain actions or providing confidential information. Today, social engineering is recognized as one of the greatest security threats facing organizations like AAPK. Social engineering differs from traditional hacking in the sense that social engineering attacks can be non-technical and don’t necessarily involve the compromise or exploitation of software or systems. When successful, many social engineering attacks enable attackers to gain legitimate, authorized access to confidential information.

Social engineers are a modern day form of fraudsters or con artists. They may attempt to access computer networks or data stores by gaining the confidence of authorized users or stealing those users’ credentials in order to masquerade as trusted insiders. It is common for social engineers to rely on the natural helpfulness of people or to attempt to exploit their perceived personality weaknesses. For example, they may call with a feigned urgent problem that requires immediate attention. Social engineers have been known to appeal to vanity, authority, greed, or other information gleaned from eavesdropping or online sleuthing, often via social media and forums like AAPK.

Cyber criminals use social engineering tactics in order to convince people to open email attachments or embedded links infected with malware, persuade unsuspecting individuals to divulge sensitive information, or even scare people into installing and running malware or steal data.

Social engineering is a serious and ongoing threat for AAPK and the great hope that s that nobody falls victim to these cons. Education is the first step in preventing AAPK forum members from falling victim to savvy attackers employing increasingly sophisticated social engineering methods to gain access to sensitive data.

In short, DO NOT open any links in a suspect posting as they may be infected with malware. Continue to report suspected social engineering attacks and the AAPK Administrators will act appropriately.
Well said and expressed. As i alluded to in another thread, they work on the people being either trustful or naive theory. You have a good handle on this and good to see you give some factual information. We just all have to be diligent, and sadly not just trust every thing we see or read.

User avatar
Beavertail
Posts: 1031
Joined: Sun Feb 24, 2008 9:47 pm
Location: Way down south in Dixie

Re: Avoiding Common Social Engineering Threats On AAPK

Post by Beavertail » Wed Jul 20, 2022 2:04 pm

The spammers are back. ::td::
Tim

User avatar
Beavertail
Posts: 1031
Joined: Sun Feb 24, 2008 9:47 pm
Location: Way down south in Dixie

Re: Avoiding Common Social Engineering Threats On AAPK

Post by Beavertail » Wed Jul 20, 2022 2:33 pm

And now they're gone! ::tu::
Tim

User avatar
just bob
Posts: 2334
Joined: Mon Apr 25, 2011 7:05 pm

Re: Avoiding Common Social Engineering Threats On AAPK

Post by just bob » Sun Jul 24, 2022 1:22 pm

Occasionally when I log on, I see the scammers are back at it. I don't think up until this point I realized what a tremendous task Bryan has in front of him trying to maintain this site in an orderly manner. Thank you, Bryan, I don't know if there is anything us normal users can do to help, but if there is please make it known. I enjoy AAPK and have shirts to prove it.
“The world is changed by your example, not by your opinion.” (Paulo Coelho)

Men make plans and God laughs

Better to remain silent and be thought a fool than to speak and to remove all doubt.

Post Reply

Return to “AAPK Tips and Tricks -- An Illustrated FAQ Forum on Steriods”