Understand the latest social trends that involve deception for malicious purposes

In the digital age, where businesses rely heavily on technology, a new threat has emerged that is proving to be particularly challenging to combat. Social engineering attacks, which exploit human behaviour to achieve malicious goals, are on the rise and pose a significant risk to companies worldwide.

Recent incidents highlight the potential damage these attacks can cause. For instance, a large asset management company was tricked into transferring one million euros to a fraudster, demonstrating the financial impact such attacks can have. The attack involved a fake non-disclosure agreement (NDA) that looked like it came from DocuSign, followed by a phone call where the attacker cloned the company boss's voice using AI.

Complex vishing (voice phishing) attacks, such as those from the hacker group Black Basta, are becoming more common. These attacks use legitimate Microsoft Teams logins to gain victims' trust, making them even more dangerous. Attackers pose as internal IT staff and trick victims into using the Windows app "Quick Assist," providing them access to the victim's computer.

Attackers often target individuals within a company who have extensive privileges. They create technical problems, such as email bombardment or graymail flooding, to make their stories more convincing. A technique called pretexting has developed, where victims are tricked into following attacker's instructions based on false assumptions.

Social engineering lies at the intersection of cybersecurity and psychology. It does not focus on exploiting vulnerabilities in code or network architecture, but rather on exploiting human behaviour, which is often the weakest link in the security chain.

Employee protection and awareness are crucial in preventing social engineering attacks. Both Teams and Zoom offer options to restrict communication to trusted domains and organizations only, which can be an effective measure. Implementing conditional access policies can strengthen access control within the company, limiting the potential damage a compromised account can cause.

Stress on an already busy day is an extremely effective trigger for social engineering attacks. Attackers attempt to gain access, extend their privileges, and move laterally within systems, potentially stealing large amounts of data. In social engineering attacks, victims are often called by someone posing as a help desk manager, promising to solve the problem and gain access to their systems.

Video chat applications have built-in remote capabilities that attackers can exploit, so it's important to review and configure these features according to organizational requirements. As social engineering attacks have become more strategic and precise in recent years, it is essential for businesses to prioritise employee education and awareness to protect their sensitive data.