This month, University Technology’s ([U]Tech) Information Security Office is marking Data Privacy Month by sharing information to help Case Western Reserve University community members keep their information private and secure.
The focus this week is on shielding against social
Social engineering is the use of deception to manipulate users into giving up their confidential information. This category of cyber-threats includes phishing attempts.
The following five pointers are courtesy of the SANS
Resist the rush: Social engineers often create a
tremendous sense of urgency—such as telling you there is a tight deadline—to
trick you into making a mistake. If someone pressures you to bypass or ignore
our policies, it is most likely an attack.
Recognize the “bag of tricks”: Social engineers
use emotions—such as fear, intimidation, curiosity or excitement—to get you to
do what they want. If something sounds suspicious or too good to be true, it
Think before you click: Social engineers want
you to carelessly click on links and not think twice before opening
attachments. Be cautious—one wrong move could infect your device and spread it
Don’t just download it or plug it in: Social
engineers count on you to download unapproved software or plug-in infected USB
drives or external devices. Only use authorized hardware and software. If you
are not sure if something is authorized, just ask.
Ask questions, and if it feels odd or suspicious,
If you think you are experiencing a social engineering attack, hang up the phone or do not respond to the email, and contact the [U]Tech Service Desk (email@example.com, 216.368.HELP (4357) or case.edu/utech/help) or Information Security Office right away.