There are many ways to be socially engineered and phished, including email, websites, social media, SMS texts, chat services, phone calls and in-person. These days, it is hard to sell something online, date or rent a vacation home without being scammed. Scams are everywhere! If there is a way to communicate between two parties, some scammer will try to take advantage of it.
At KnowBe4, we try to help people not to be scammed (along with compliance training and other initiatives). You can help yourself and your organization to become more scam-resistant by creating a culture of healthy skepticism surrounding any unexpected request asking the recipient to do something new and unexpected that could harm that person’s or their organization’s own interests if it was malicious. You do this by using your best defense-in-depth combination of policies, technical defenses and education. A culture of healthy skepticism will significantly reduce the risk of social engineering scams.
One Key Message
If we were asked to name the one key thing everyone could best do to stop scams, it is this: Be initially skeptical of any unexpected request to do something new for a requester that, if malicious, could harm your own interests. Here is what it looks like graphically:
This one key message should be spread throughout all organizations, to all your coworkers, friends and family members. Build this level of healthy skepticism into your own thought processes, build it into the organization, build it into the organization’s culture.
There are a hundred other things (e.g., policies, technical defenses, education) you can do to help defeat social engineering and scams, but if you only have one primary message to communicate, this is it. Sometimes short and concise is exactly what you need.
Now go fight the good fight!