Home » Combat Social Engineering: Don’t Be the Weakest Link
Technology|Operations

Combat Social Engineering: Don’t Be the Weakest Link

Smart criminals go after the 'lowest hanging fruit.'

David Blazier
September 16, 2010
No Comments
KEYWORDS engineering / security / social

Characteristics of a weak security chain

Industry experts and government regulators agree that institutions most at risk of succumbing to social engineering tactics tend to lack:

  • Adequate policies and procedures pertaining to physical security;
  • A security awareness program that allows for training of employees at all levels; or
  • An established system of vendor and visitor tracking.

These three elements are dependent on each other to properly defend against the threat of social engineering schemes.

A deficiency in one area creates significant vulnerabilities in the others, allowing easy entry points for savvy criminals to exploit.

Of course, professional social engineers know this information, too. That’s why tactics like the “trusted vendor” scenario—which can exploit numerous vulnerabilities simultaneously—tend to be highly successful at organizations that have inadequate polices and procedures, limited security awareness training, and no formal system of tracking authorized vendors.

Next: A ‘trusted vendor’ scenario

KEYWORDS engineering / security / social

Related Articles

Protective Patterns

Ten Tips on Going Virtual

E-Signatures: A New Avenue for Forgery?

Recent Articles by David Blazier

Social Engineers Target Service Staff

Beware of Criminals Posing As 'Fellow Employees'

What You Don’t Know Really Can Hurt You

Don’t Ignore Threats From Behind the Firewall

Author

David Blazier

Post a comment to this article

Only In Print Good to Grow

Good to Grow

CUs achieve impressive growth by investing in their communities.

Leverage Members’ Voices

Leverage Members’ Voices

Push for regulatory relief using tools like the CUNA Members Activation Program.

Daily Debit

Daily Debit

Same-day ACH debit payments promises added volume but demands added diligence.

App Digital Edition Subscribe

What's Trending

NCUA outlines 2018 distribution as part of TCCUSF closure

The NCUA board Thursday issued a proposed plan to close the stabilization fund this year, which would provide credit unions with a distribution in 2018 likely between $600 million and $800 million.

Sell your ideas to the CEO: 5 steps

Bringing new initiatives to the CEO requires fresh ideas and an understanding of strategic objectives.

Compliance: New HMDA resources available for filers

The CFPB released several new resources relating to HMDA implementation, including updating the preview of its “HMDA Platform” system, an online-only system designed to guide filers through the reporting process and through which they can file.

Your Say

Has your credit union developed a training program for employees that will prepare the credit union to avoid cyberattacks?

View Results Poll Archive