Social Engineering


Nov 2018

Hacking Humans: The Social Engineering Threat

When most people think of cyberattacks and the social engineering threat, they picture a scene from an action movie in which a teenage computer whiz spends thirty seconds furiously typing on a computer keyboard and gaining complete access to the Pentagon’s databases. In the real world, this isn’t how hacking actually works. The good news is that hacking the Pentagon is a lot harder than...

Read More


Sep 2018

What Personal Information Can Anyone Learn About You on the Internet?

When you think of people collecting personal information about you, you probably think about the data leaked in corporate data breaches and information for sale on the Dark Web. But have you ever wondered what kind of information the average person could learn about you on the Internet? The Internet can make social engineering a past time for some, or a dangerous cybercrime conduit for...

Read More


Sep 2018

Eight Considerations for Remote Worker Cybersecurity

Working from your desk in the corporate office is probably the safest way of doing business since you have both physical and technological protections provided by your organization.  However, this may not always be feasible for either personal or business reasons.  By taking the appropriate remote worker cybersecurity precautions, you can work from home or on the go without jeopardizing your personal security or that...

Read More


Jul 2018

Two-Factor Authentication (2FA): Secure or Not?

Passwords are generally considered to be insecure.  With the sheer number of accounts that the average person has, remembering a password for each account requires weak passwords, password reuse, or the use of technology like a password manager.  Even if someone has good password hygiene, a data breach means that someone’s password could be exposed by circumstances completely outside their control. Two-factor authentication is a...

Read More


Jun 2018

How to Spot a Social Engineer

When thinking about cybersecurity and hackers, most people focus on the technological side of hacking where attackers take advantage of vulnerabilities in computer systems to gain unauthorized access.  However, this is only one avenue for hackers to get what they want. Instead of focusing on weaknesses in computer systems, social engineers take advantage of susceptibility in human behavior and people’s default reactions to certain situations....

Read More


Sep 2017

Social Engineering Q&A: How to Strengthen Your Network Security

As organizations respond to InfoSec threats by hardening their network security, hackers are exploiting softer targets, such as employees and management, to gain access. According to IBM research, in 2016 about 71 percent of reported cyberattacks in the healthcare industry and 57 percent of cyberattacks in the financial services industry depended on the actions of employees who had unintentionally compromised the network security of their...

Read More


Jan 2017

Building the Culture to Support a Social Engineering Awareness Program

Sword & Shield Enterprise Security Consultant Joe Gray pens the first of a five-part series for CISOcast, an online resource that publishes peer-reviewed content to help information security leaders meet the challenges of real world problems to help companies build a social engineering awareness program. Today, companies are investing more than ever before on protecting their IT infrastructure. As a response, hackers and, in turn, penetration...

Read More


Aug 2016

You are Your Company’s Worst CyberSecurity Threat

The biggest cybersecurity threat to your organization in 2016 isn’t Russian or Chinese hackers. It isn’t nefarious plots schemed by cyber spies, either. In fact, according to reports, the biggest threat to your company’s data loss is YOU. According to IBM’s CyberSecurity Intelligence Index, no less than 95 percent of all data security incidents are triggered by human error: employees who are getting tricked by...

Read More


Jan 2015

Don’t Click that Link! Have a Back-up Plan to Mitigate Social Engineering Attacks

If you don’t enjoy having your data or your customers’ personal information plastered all over the Internet, then you should consider the initial attack vector that was most likely used to put it there: a lack of understanding about how social engineering attacks occur and an absence of security controls available to minimize the breach. Phishing, pre-texting, baiting and piggy-backing are just some of the social engineering methods attackers use to trick...

Read More