{"id":67869,"date":"2017-04-19T09:00:24","date_gmt":"2017-04-19T16:00:24","guid":{"rendered":"http:\/\/blogs.microsoft.com\/microsoftsecure\/?p=67869"},"modified":"2023-05-15T23:04:17","modified_gmt":"2023-05-16T06:04:17","slug":"is-social-engineering-the-biggest-threat-to-your-organization","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2017\/04\/19\/is-social-engineering-the-biggest-threat-to-your-organization\/","title":{"rendered":"Is social engineering the biggest threat to your organization?"},"content":{"rendered":"
“Always remember: Amateurs hack systems. Professionals hack people.” \u2013Bruce Schneier, CTO, Counterpane Internet Security, Inc.<\/p><\/blockquote>\n
All over the globe, social engineering is a dominant and growing threat to organizational security. Since January 2015, the number of social engineering victims identified by the FBI<\/a> has increased 270 percent, costing businesses more than $2.3 billion.<\/p>\n
Social engineering happens when a hacker uses manipulation, influence, or deception to get another person to release information or to perform some sort of action that benefits them. Essentially it just comes down to tricking people into breaking normal security procedures such as divulging a password.<\/p>\n
Some common types of social engineering include:<\/p>\n
\n
- Spear phishing<\/strong> \u2013 sending an email that appears to be from someone you trust, such as the CEO or corporate IT, requesting you to take an action that makes confidential information vulnerable.<\/li>\n
- Dumpster diving<\/strong> \u2013 rummaging through the trash to try to find confidential information like design documents with IP information, marketing plans, employee performance plans, or even organizational charts and phone lists.<\/li>\n
- 10 degrees of separation<\/strong> \u2013 appearing to have a shared connection you trust to make you feel more secure about discussing confidential information<\/a>.<\/li>\n<\/ul>\n
No matter how strong your technical security is, your organization\u2019s people are often the most vulnerable link in the chain. But, with thorough, thoughtful, and regular education, they can also be your biggest asset in your fight against social engineering.<\/p>\n
To learn how to implement strong security policies and build a security-aware culture to help protect your organization from social engineering risks, check out the Insider\u2019s Guide to Social Engineering<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"
“Always remember: Amateurs hack systems. Professionals hack people.” \u2013Bruce Schneier, CTO, Counterpane Internet Security, Inc. All over the globe, social engineering is a dominant and growing threat to organizational security. Since January 2015, the number of social engineering victims identified by the FBI has increased 270 percent, costing businesses more than $2.3 billion. Social engineering […]<\/p>\n","protected":false},"author":61,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ep_exclude_from_search":false,"_classifai_error":"","footnotes":""},"content-type":[3663],"topic":[3687],"products":[],"threat-intelligence":[3736],"tags":[],"coauthors":[1957],"class_list":["post-67869","post","type-post","status-publish","format-standard","hentry","content-type-research","topic-threat-intelligence","threat-intelligence-social-engineering-phishing"],"yoast_head":"\n
Is social engineering the biggest threat to your organization? | Microsoft Security Blog<\/title>\n\n\n\n\n\n\n\n\n\n\n\n\t\n\t\n\t\n\n\n\n\t\n\t\n\t\n