Social engineering

Forgotten your access card for the building? It can happen to everyone. That is why you don’t hesitate to let your seemingly new colleague in with you. Or the postman for that matter. How do you respond to an unknown helpdesk employee who wants to take a self-invited look at your computer? Are a fancy job title and an emotional request, or a little smooth-talk your magical keys?

Don't allow yourself to be deceived by a habit hacker.

What is social engineering?

In social engineering, cyber criminals exploit human traits such as fear, greed, curiosity, trust and ignorance. This is how scammers trick you into sharing personal or business-sensitive data. What types of social engineering are there, and how do you protect against it?

Physical social engineering

Physical social engineering involves a hacker looking for an opportunity to physically take control of data.

Examples include intercepting or searching letters and other documentation, knowingly distributing USB flash drives containing malicious software, or someone posing as a trusted party. For example, as an employee of a maintenance company or delivery service. Watching your screen on the train or at another location is also a form of social engineering.

Digital social engineering

Sometimes deception takes place digitally. For example, through the Internet, telephone or through messages on phone or whatsapp. To do this, the cybercriminal uses stolen information, among other things, to build trust. They collect that information through social media and other online sources. Therefore, always be careful what you post online.

Examples of digital deception include:

  • Phishing
  • CEO fraud
  • Spear phishing

Our social engineering tips

  • Do not transfer money or pay bills when asked to do so via email or phone. Check first that these really come from your bank or someone you know.
  • Do you get an uncomfortable feeling about a message? Do you feel uncomfortable or pressured? Interrupt contact and contact the organization or person through a known, familiar phone number.
  • In public places, be careful that people cannot read along on your screen, or when typing in your password.
  • Be aware of what you share online and use privacy settings to shield your information.
  • Use strong passwords and multi-factor logins. For example, a password combined with a fingerprint or a unique code on your phone.
  • Lock your screen when not using a device or walking away from your workstation.
  • Don't write down passwords or keep them in a place where others can easily read them.