Watch Out for "Social Engineering"

Cyber Feedback

Cyber criminals have learned that the easiest way to hack your computer or steal your data is to mislead you. In this newsletter, you will learn how these type of "social engineering" attacks try to trick you and what you can do to protect yourself (and the City of LA).

What is "Social Engineering"?

Social Engineering is when a hacker tricks you into doing something you would not normally do.  For example, if a hacker pretends to be from your Accounting Department and asks you to fill out an online form to approve a payment.  Or when they say they work for Microsoft and need some information to fix your computer.  Hackers frequently use information, websites, and email addresses that appear legitimate... but are not!

How do I avoid becoming a victim of a "Social Engineering" cyber attack?

  1. Think twice before clicking - Avoid quickly clicking on links in emails or downloading attachments.  If something looks fishy, it probably is (even if it looks like someone you know).
  2. Don't be fooled by BIG topics - Hackers often choose very big topics for their social engineering attacks (Court Notice to Appear, IRS Refunds, Job Opportunity, Coupons, Bogus Package, Celebrity Photos).  Don't be fooled, they just want you to click.
  3. Don't get caught off-guard - Hackers know when targets are rushing, sleepy, or simply not watching.  Social engineering attacks can happen anytime, including middle of the night, end of a busy day, Friday before a holiday, etc.
  4. Use discretion when posting personal information on social media - This information is a treasure-trove to scammers who will use it to feign trustworthiness.
  5. Verify the identity of anyone who contacts you through different means - Do not use the information they provide you.