Social Engineering: 7 Common Red Flags Blog | Social Engineering: 7 Common Red Flags
Cyber 11/13/20

Social Engineering: 7 Common Red Flags

Most of us believe we now have enough awareness to avoid opening sketchy emails or clicking on dubious links. But the truth is cyber-attacks and phishing scams have become much more sophisticated. Your employees may be immune to requests for money from a Nigerian prince, but are they in tune enough to take a closer look at official looking emails from company vendors and partners, internal employees they regularly communicate with, or from their own personal bank?

What is Social Engineering?

Social engineering is the act of manipulating people into performing actions or divulging confidential information. The term applies to deception for the purpose of gathering information, or computer system access. In many cases, the victim may not even know they granted access to a corrupt third party while leaving the entire company’s system and data vulnerable. This includes the simple acts of clicking on a hyperlink or opening an attachment. In other cases, an email may request you to input information, such as usernames, passwords or account numbers.

How do you know if an email is fake?

It’s important to note that many phishing emails now get by advanced spam filters. All business owners and employees must be diligent in inspecting each part of an email for these social engineering red flags.

From

Check the email address domain. Hackers will use real business names and add innocuous extra words (Person@nowinsurance-support.com). Or misspell the business name, hoping you won’t notice (person@nowinsurrance.com).

In some cases, the sender can make it look like the email is from someone you know and their real email address. The from line may look like this:

From: “Michael Miller – mmiller@nowinsurance.com” <oprxceo@hotmail.com>

It appears to be from Michael, and your eyes will read his email address first, but in reality, it’s from the scam account oprxceo@hotmail.com.

You don’t recognize the senders email address and the email has embedded hyperlinks or attachments.

You recognize the sender but haven’t communicated with this person recently, and the email seems out of the blue.

The email is from someone outside your organization and is unrelated to your job duties.

The email from someone inside your organization, or someone you regularly communicate with (such as a vendor or customer) but the email is unusual or out of character. If something seems off, contact the person in a separate email or by phone. Do not click any links or open any attachments.

To

The email is sent to an unusual mix of people that don’t seem to have much correlation with each other in terms of job function. You might notice everyone’s last name starts with the same letter or another pattern.

You are cc’d along with other people that you don’t know.

Hyperlinks

Hover over the hyperlink, but don’t click. Is the link the pops up in the hover box different than the typed one in the email?

There’s a hyperlink in the email but no other content or explanation.

There are misspelled words in the hyperlink.

Date

The email is sent at an unusual time, such as in the middle of the night.

Subject

The subject is unrelated to the content in the email.

The subject contains a message that sounds urgent.

The subject is attention grabbing and piques your curiosity.

It’s a reply message (RE:) to something you never sent or requested, and you don’t recognize the content.

Content

The sender asks you specifically to click on a link or open an attachment.

The email has bad grammar or typos. (Although this one is becoming less common as hackers become more sophisticated.)

The content does not make sense coming from that particular sender.

The content feels “click-baity”, as in trying to get you to open something funny or embarrassing.

The content is offering something for free (such as a media download) or says you are winner.

Attachments

Don’t open anything until you know the email is legitimate!

The attachment doesn’t make sense from that particular sender (remember, the sender could be someone you know) or doesn’t match the content or subject of the email.

The attachment is a different file type than you usually handle. Even PDFs, JPGs and Word documents can contain malware if opened.

Encourage coworkers (and vendors that handle your data) to get in the habit of practicing skepticism when checking email. It takes extra time, but it’s worth it to prevent employee and customer data from falling in the wrong hands.

Every small business should consider Cyber Liability Insurance to have guidance and a safety net when recovering from a cyber-attack. NOW Insurance offers three levels of coverage based on the company’s needs. Get a quote using our quick and simple online cyber application.

Use our free cyber risk assessment tool to gauge your company’s cyber risk and spot vulnerabilities in your system.

Blog

Tips for protecting yourself and your business.

Cyber

How to Create a Small Business Cyber Security Plan

Cyber

Small Business and Cloud Storage: Is Your Data Secure?

Cyber

Social Engineering: 7 Common Red Flags

Insurance Basics

Getting Liability Insurance for Events

General

Starting an Event Planning Business: A to Z

Insurance Basics

How Much Does Event Planning Insurance Cost?

Insurance Basics

Insurance for Event Planners: What You Need to Know

Insurance Basics

What’s Included in Event Planning Insurance Coverage?

Insurance Basics

What Can a Tax Preparer Be Held Liable For?

Insurance Basics

Tax Preparer Insurance 101

General

4 Nurse Staffing Issues to Avoid

General

What You Need to Know to Be a Tax Preparer

Insurance Basics

Insurance for Bookkeepers: A Complete Guide

General

How to Start a Nurse Staffing Agency

Insurance Basics

What is Liability Insurance for Bookkeepers?

General

How to Build Customer Relations in Your Business

Insurance Basics

A Guide to Medical Staffing Insurance

General

Developing an Effective Risk Management Plan

Insurance Basics

All You Need to Know About Therapist Insurance

Insurance Basics

What is Malpractice Insurance for Counselors?

Insurance Basics

Benefits of Therapist Liability Insurance

Insurance Basics

What’s the Average Counselor Malpractice Insurance Cost?

Insurance Basics

Risk and Hazards of Being a Massage Therapist

Insurance Basics

Do Nutritionists Need Insurance?

Insurance Basics

What’s Included In Massage Insurance Coverage?

Insurance Basics

Everything You Need to Know About Malpractice Insurance Coverage For Nutritionists

Insurance Basics

Do Massage Centers Need Insurance?

Insurance Basics

How Much Does Nutritionist Insurance Cost?

Insurance Basics

Insurance Plans For Nutritionists: Everything You Need to Know

Insurance Basics

Massage Therapy Insurance: A Beginner’s Guide

General

Coronavirus Outbreak: 3 Tips to Keep Your Healthcare Business Safe

General

Company Working From Home? Stay Safe of Cyber Attacks

Insurance Basics

Business Interruption Insurance and Coronavirus

General

4 Best Practices for Medical Workers During the COVID-19 Outbreak

Insurance Basics

Inside the Hacker’s Mind – Social Engineering

Insurance Basics

Do Consultants Need Insurance?

Insurance Basics

Fitness Center & Gym Insurance: A Beginner’s Guide

General

Should Your Company Work From Home During the Coronavirus Outbreak

Insurance Basics

Why Your Business Needs Wellness and Fitness Insurance: A Comprehensive Guide

Insurance Basics

What Is the Cost of Gym Insurance?

Insurance Basics

What Insurance Do Consultants Need?

Insurance Basics

How Much Is Insurance For a Consultant?

Insurance Basics

Benefits of Consulting Insurance Coverage

General

Pay as You Go Insurance for Healthcare Professionals

General

You Have Your Physician Assistant’s License: Now What?

General

Why Are You Still Buying Occurrence Malpractice Coverage?

General

What Does Malpractice Insurance Cost?

General

Physician Assistant Malpractice Coverage: A Practical Guide

General

Do Student Nurses Need Malpractice Insurance?

General

Ouch, You Hurt Me! Do Nurse Practitioners Need Their Own Malpractice Policy?

General

What Type of Insurance Do Nurses Need?

General

Understanding Insurance Terms: Back to Basics

General

What Does Professional Liability Insurance Cover?

General

Types of Insurance Available for Small Business Owners

General

Potential Small Business Risks

General

General Liability Insurance: How to Keep your Business Protected

General

Choosing a Business Insurance Provider: Everything You Need to Know

General

Business Insurance Plans – Do I Need One?

General

Benefits of Professional Liability Insurance

General

What Is the Average Cost of Errors and Omissions Insurance?

General

What Is Cyber Liability Insurance?

General

What Does Errors and Omissions Insurance Cover?

General

Cyber Insurance 101: Why You Need It

General

What Does a Cyber Liability Policy Cover?

General

Errors and Omissions Coverage: What Is It & How Does it Work?

General

What Is the Average Cost of Cyber Liability Insurance?

General

Who Needs Errors and Omissions Coverage?