Strategies for preventing/weathering Social Engineering Attacks?

ThingsOnMyDesk1

Beta member
Messages
1
Location
USA
Hi all,

My boss is very concerned about social engineering attacks as they have been in the news lately. As they have grown more sophisticated it definitely poses a threat to some of the less cautious employees. What steps do you take to block these? Educate your users? Any technical guards I can take?

Thanks!

Bonus: While doing research I found this article on social engineering in movies and TV that I sent to the company to put the threat on their radar :p Information Security and Pop Culture: How Real-Life Social Engineering Techniques are Used in Movies and Television | BetterCloud Blog
 

carnageX

Private Joker,
Staff member
Messages
25,045
Location
South Dakota
Education is basically the biggest and most important thing you can do to prevent social engineering.

Not much for 'technical' preventions (besides maybe a more aggressive spam filter for email), as social engineering is usually human targeted, rather than system targeted.
 

S0ULphIRE

Golden Master
Messages
9,230
Location
Australia
I know there's quite a few companies that offer "social engineering tests" to pinpoint potential weaknesses, you could even do a few simple tests for free yourself - e.g. see if you can get staff to open a dodgy attachment in an email from an unknown source.
 
Top Bottom