Social engineering is considered one of the online threats, but unlike viruses and worms, it is not a bot that thrives on a device.
Social engineering involves two human beings: the manipulated and the manipulator. The persons involved may or may not know each other, and the objective is to get the other person to “do” something.
The “doing” can lead to an offense, cyber-related or not. In the Philippines, these are the common forms of social engineering:
- Cyber “boso”: a woman agrees to strip on camera/web or send nude pictures, supposedly for personal intimate use, but the material ends up on the web.
- Phishing: the perpetrator sends an email or link that requests you to enter your bank or other financial credentials, such as PayPal account and credit card details. This may also apply to your email and social networking accounts. The objective is to steal your data and cash/credits.
- Email scam: the victim receives an email from the hacked account of a friend or relative, requesting them to send money because he was allegedly stranded and robbed in a distant place. Another variation is an email telling you that you won a lotto draw or that you are the recipient of a grant.
- Text scam: the objective is similar to that of the email scam, which is to trick the victim into depositing/sending money to the perpetrator.
- Malware: this is common on Facebook and on gaming, gambling, porn and file-sharing sites. The objective is to trick the user into downloading and using/installing a file disguised as the latest scandal video, MP3, game or picture. The objectives range from spamming to stealing your data, taking over your account, or destroying your reputation or account.
- Telephone scam: this is the traditional one; though non-web in nature, it is worth mentioning here. Someone will call or visit your helper or relative at home to trick them so they can gain entry to the house and steal, or ask for money from the person left in the house because you or a member of the family allegedly figured in an accident.
- GMA 7’s “think before you click” can help [the TV network found value in the advocacy we started last year and elevated the campaign to broadcast media]. Simple message: use the social web responsibly.
- If you receive an email allegedly from your credit card company, bank or other financial institution, or from a social networking site, place the cursor on the link they want you to click [but do not click] and see where it will take you. Your browser will show you where the link leads. If it is from the financial institution, it normally uses https.
- If you receive an email or SMS asking you for money or for your username/password or account number/PIN, verify first by calling the concerned group or persons.
- If you do not want your “intimate moments”, or the “glory of your nakedness”, to be shared with the world, do not allow yourself to be videotaped or photographed. You have no control over what will happen next.
- If you see a link on your Facebook wall and it makes you curious or awakens your sensuality, check with your connection if s/he shared it; if not, report it to Facebook.
- If someone you do not know suddenly mentions you on Twitter with no message, just a plain link, block and report for spam.
- Bottom line: be skeptical, probe and verify before you trust and take action.