Social engineering in network security attacks in Nigeria is real. The funniest part of it is that many people are falling victim every day.
There are many people who are tricked into revealing information that they would not want divulged. Because they have little knowledge about social engineering, they find themselves divulging sensitive information.
Imagine you are working with a company that deals with financial transactions and one sunny afternoon someone called you. He told you that he is calling from your Network Service. He said he noticed some glitches on your network.
He then asked you to provide some sensitive information, and you did because you believed him. After that fateful day, you noticed that all your data had been wiped out and your company had lost a lot of money. That is social engineering at work.
You need to guard against it.
Social engineering is the term used for a broad range of malicious activities accomplished through human interactions. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.
Social engineering attacks happen in one or more steps.
A perpetrator first investigates the intended victim to gather necessary background information, such as potential points of entry and weak security protocols, needed to proceed with the attack. Then, the attacker moves to gain the victim’s trust and provide stimuli for subsequent actions that break security practices, such as revealing sensitive information or granting access to critical resources.
Recognise potential cyber risks.
#1 Highly sensitive data requires vigilant protection
First and foremost, you need to classify your data to know how sensitive it is.
Let me use your house, a bank and Aso Rock as a case study. The kind of protection you provide for your humble apartment is based on the type of property that you have in your house.
You cannot compare that to the level of protection that will be provided by a bank that has much to lose if a hacker gains access to its network. You also cannot compare that to the level of protection that will be provided at the Central Bank or Aso Rock.
Attackers are becoming more sophisticated. Keep your Personally Identifiable Information (PII) safe. This is data that can be used to uniquely identify you, such as SSN, BVN, full names, birthdays, biometrics, passport, ID, credit card and phone number, among others.
#2 Protect your company’s Proprietary data.
There are some data that are so sensitive and are owned by your organisation alone. If you have such data in your care, you have to make sure that those data are protected. Do not give your husband the official laptop to surf the web. That is not love, it’s stupidity.
Anything official should remain official.
Remember, Data is the new gold.
#3 Follow industry-recognised Security Practices
There is a need for you to follow industry-recognised practices when it comes to data protection.
In all industries there are best practices that are adopted when it comes to data protection, to avoid stories that touch. For example, nobody will allow you to open a laptop inside the banking hall. No banker will accept a flash drive either.
This must be incorporated into security practices. You need to create a security-minded workforce.
#4 Be proactive with your information
You need to always ask questions, most especially privacy-related questions.
Your proactiveness will save you a lot of data and protect you from network security breaches. This follows the principle of “If you see something, say something”. This is very vital.
#5 Be suspicious of email attacks
You also need to be suspicious of any email, text or voice message requesting sensitive information or a financial transaction.
#6 Hover over all hyperlinks before
There are some of us who are fond of clicking on any link that we come across on the internet or social media. This is a very bad practice. Some of these links can load payloads onto your system, which can make your system susceptible to attack.
#7 Multi Step Verification
There is a need for you to set up multi-step verification that requires a unique security code for authenticating to the system. You should not operate a system where people only need to know a password to log in.
You can have biometrics or tokens that will generate other tokens that can be used to log in to a system. This will go a long way in ensuring that only authorized personnel are logging in to the company's assets.
#8 Update Your Browsers and Resources
Also, you need to know that organisations and app providers always rush to market. Because of that, many of them do not take time to fix security vulnerabilities in their apps and devices.
That is why they always release security updates from time to time. I always tell my students that it is better you install any apps that you feel it will be difficult for you to be updating such apps. This will ensure that you are always protected against emerging threats.
Ensure your browser, mobile devices, and computer systems are updated with the most recent patches.
#9 Never reuse a password across multiple accounts and devices.
There are many users who are lazy when it comes to updating passwords. You have to ensure that individuals signing in to devices are not allowed to use weak passwords.
The password must contain capital letters, small letters and special characters. The password also must not be less than 8 characters.
You should also create a system that forces your mobile users to change their password every six months. This is to protect you from password-related attacks.
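The rules in this section can be enforced in code at the point where a password is set. This is an added example, not part of the original article. The function names and the PBKDF2 work factor are assumptions, and reuse is detected by comparing salted hashes, so no plain-text password is ever stored.

```python
import hashlib
import hmac
import os
import re
from datetime import datetime, timedelta, timezone

MIN_LENGTH = 8                 # the page's rule: not less than 8 characters
MAX_AGE = timedelta(days=182)  # the page's rule: change every six months
ITERATIONS = 600_000           # assumption: PBKDF2 work factor, not from the page

# Composition rules stated on the page: (message when broken, test that must pass).
RULES = [
    ("shorter than 8 characters", lambda p: len(p) >= MIN_LENGTH),
    ("no capital letter", lambda p: re.search(r"[A-Z]", p)),
    ("no small letter", lambda p: re.search(r"[a-z]", p)),
    ("no special character", lambda p: re.search(r"[^A-Za-z0-9\s]", p)),
]

def hash_password(password, salt=None):
    """Return (salt, digest); only this pair is stored, never the password."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest

def is_reused(password, stored):
    """True if the password matches any (salt, digest) kept for other accounts."""
    return any(hmac.compare_digest(hash_password(password, salt)[1], digest)
               for salt, digest in stored)

def check_new_password(password, stored):
    """List every policy rule the candidate password breaks (empty = accepted)."""
    problems = [msg for msg, ok in RULES if not ok(password)]
    if is_reused(password, stored):
        problems.append("already used on another account or device")
    return problems

def needs_rotation(last_changed, now=None):
    """True once the password is older than the six-month limit."""
    now = now or datetime.now(timezone.utc)
    return now - last_changed > MAX_AGE
```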
#10 Follow company policy. If you don’t know. Ask.
There is also a kind of attack called a man-in-the-middle attack. This is an attack that occurs because someone somewhere is careless and fails to follow the rules.
You need to ensure that individuals and employees are trained from time to time to follow the rules. There should be consequences for not following the rules as well. Remember that hackers only need one single loophole in order to fulfil their mission. Let’s be guided.
Action Point
PS: I know you might agree with some of the points raised in this article or disagree with some of the issues raised.
Please share your thoughts on the topic discussed. We would appreciate it if you could drop your comment. Thanks in anticipation.