A few weeks ago there were a couple homes in my neighborhood that were entered illegally. During the night, as people slept in their own beds, criminals entered their homes and stole wallets and purses from kitchen counters and coat racks. Once outside the homes the thieves rummaged through the items, taking only the cash and leaving behind the victims identifications and credit cards. Thankfully! We are very thankful that no one was hurt, we are very thankful that not much was lost, and because of the way this was done, we believe this to be the work of “neighborhood kids”. All that being said, these kids committed a crime, and the people who were victimized have lost more than their cash, they’ve lost their sense of security.We live in a safe neighborhood, and many people, before this happened, left their doors unlocked at night. It’s so easy to take our safety for granted isn’t it? If only their doors had just been locked, maybe this wouldn’t have happened. This got me thinking about how to best protect our home and our sense of security, and also about how that applies to the technology-filled world that we live in today.
Social Engineering, simply put, is the manipulation of people in order to gain confidential information.
Here are 3 things you need to start practicing today in order to help yourself from becoming a victim of social engineering.
- Lock your doors! As it pertains to technology, password protect everything! Then, don’t keep your passwords under the equivalent of a hide-a-key rock. And, don’t tell everyone, and their neighbors, where your passwords are kept. While your at it, change the locks once in a while! Yes, we all hate memorizing new passwords, but we have to do it now.
- Stop the real-time sharing of your family vacations. It’s like you’re walking through the neighborhood and the hallways at your kid’s schools with a bull-horn announcing that you’re out of town, the dogs are at the kennel and the lights in your house are just on a timer. I get it, we all want to share the highlights of our trips, and some of us even want to see those highlights, but wait until you’re back home before posting pictures of your trip to the Grand Canyon on Instagram. People will still “like” them, even if they see them a week later (the Grand Canyon doesn’t change that much from week to week).
- Read your emails more closely. If your colleague’s name is Matt Smith and you get an email from firstname.lastname@example.org exclaiming that he’s really gotten himself into a jam and is falling behind on a project but that you could REALLY help him out by proof-reading his latest newsletter article before he sends it to print. “Just go to this link or download the article right here…you have no idea how much this is going to help me out.” STOP! Can you find the clue to knowing that this isn’t the real Matt Smith? Check that email address again.
It’s frustrating that people are willing to take advantage of other people’s trust. It’s annoying to change passwords so often that you can’t remember them. It’s old-school that we should invite people to view the slides from our trips after we’ve returned home. It’s unsettling to think that someone would use Matt Smith’s identity (with a slight variation) to get us to download harmful malware or virus’s on our computers. And it’s sad that we can’t live in a safe neighborhood and keep our doors unlocked at night. But this is the world we live in and the alternative is too dangerous and too costly.