Social Engineering Countermeasures

In a typical social engineering engagement, a threat actor uses social skills and takes advantage of human error to obtain or compromise an organization’s assets.  

To help your organization stay prepared, we’ve outlined how countermeasures can round out your organization’s social engineering policy and protect against social engineering schemes.Countermeasures against social engineering attacks focus on eliminating human error. 

  • Good policies and procedures are ineffective if they are not taught and reinforced by the employees.
  • After receiving training, employees should sign a statement acknowledging that they understand the policies. 
  • Password Policies:
    • Periodic password change.
    • Avoiding guessable passwords.
    • Account blocking after failed attempts.
    • Length and complexity of passwords.
    • Secrecy of passwords.
  • Physical Security Policies:
    • Identification of employees by issuing ID cards, uniforms, etc.
    • Escorting the visitors.
    • Access area restrictions.
    • Proper shredding of useless documents.
  • Training: An efficient training program should consist of all security policies and methods to increase awareness on social engineering.
  • Operation Guidelines: Make sure sensitive information is secured and resources are accessed only by authorized users.
  • Access privileges: There should be administrator, user, and guest accounts with proper authorization.
  • Classification of Information: Categorize the information as top secret, proprietary, for internal use only, for public use, etc.
  • Proper Incidence Response Time: There should be proper guidelines for reacting in case of a social engineering attempt.
  • Background Check and Proper Termination Process: Insiders with a criminal background and terminated employees are easy targets for procuring information.
  • Anti-Virus/Anti-Phishing Defenses: Use multiple layers of anti-virus defenses at end-user and mail gateway levels to minimize social engineering attacks.
  • Two-Factor Authentication: Instead of fixed passwords, use two-factor authentication for high-risk network services such as VPNs and modem pools.
  • Change Management: A documented change-management process is more secure than the ad-hoc process. 

How to Detect Phishing Emails

  • Seem to be from a bankcompany, or social networking site and have a generic greeting.
  • Seem to be from a person listed in your email address book.
  • Gives a sense of urgency or a veiled threat.
  • May contain grammatical/spelling mistakes.
  • Includes links to spoofed websites.
  • May contain offers that seem to be too good to believe.
  • Includes official-looking logos and other information taken from legitimate websites.
  • May contain a malicious attachment.

Anti-Phishing Toolbar: Netcraft

  • The Netcraft anti-phishing community is effectively a giant neighborhood watch scheme, empowering the most alert and most expert members to defend everyone within the community against phishing attacks.

Anti-Phishing Toolbar: PhishTank

  • PhishTank is a collaborative clearing house for data and information about phishing on the Internet.
  • It provides an open API for developers and researchers to integrate anti-phishing data into their applications.

Identity Theft Countermeasures

  • Secure or shred all documents containing private information.
  • Ensure your name is not present in the markets’ hit lists.
  • Review your credit card reports regularly and never let it go out of sight.
  • Never give any personal information on the phone.
  • To keep your mail secure, empty the mailbox quickly.
  • Suspect and verify all the requests for personal data.
  • Protect your personal information from being publicized.
  • Do not display account/contact numbers unless mandatory.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *