Protecting your Company from Todays Security Threats
Understanding the underlying psychology behind social engineering
Social engineering is a widely operated technique used by hackers in order to extract sensitive information from companies. Criminals will implement their effective tactics onto unsuspecting employees proposing one of the greatest risks to business security that we are now facing.
Six Common Types of Social Engineering Attacks
Spear Phishing
Cybercriminals will target a companies electronic communication system such as emails in order to install malware. This form of phishing is seen as an unsuspecting link from a potential "client". These links are capable of installing malware onto an employees computer, compromising sensitive information.
Pretexting
A cybercriminal will develop a fabricated scenario with the goal of extracting information such as financial information and passwords from an unsuspecting victim. These criminals will typically pretext themselves as officials, the IRS, or CEO's that urgently need this data.
Watering Hole Attack
This is a type of attack in which the hacker will analyze websites that are likely to be visited by your company. They will take this information and infect that website in order to gain confidential information once logged in. Hackers will commonly install a backdoor trojan and malware software.
​
Whaling
Focused on attacking politicians and higher level executives, cybercriminals will disguise themselves through website spoofing and or CEO fraud in order to gain the trust needed to download malicious software onto the targets computer.
​
​
BEC Scheme
Business email compromise schemes are an attack deployed by an email account compromise (EAC). The hacker will send their target an email through a familiar account that they have gained access to. Their goal is to exploit the companies information from an already familiar email address.
​
Diversion Theft
Diversion schemes are the act of impersonating an employees email with the goal of tricking a victim to unknowingly send sensitive information to the thefts spoof account.
​
​
​
REDCON'S Approach to Cyber Security
REDCON focuses on understanding the discrete patterns and underlying psychological mechanisms used by social engineers. We believe in approaching each client with the goal of educating them in how to recognize these psychological manipulation techniques that social engineers are trained to deploy in person and online.
Contact
Like what you see? Get in touch to learn more.