Criminals have been using social engineering techniques for centuries to con victims into handing over their hard-earned money. However, cybercriminals are now using advanced social engineering techniques to commit digital crimes. Use of social engineering is growing, especially in email attacks on organizations.
These phishing, spear phishing (targeted phishing) and Business Email Compromise (BEC) attacks – also known as CEO Fraud – are highly varied, although they have one thing in common. They rely on human interaction and the manipulation of behavior to steal sensitive information such as login credentials, money or fool individuals into installing malware or ransomware.
There is some confusion about what social engineering based scams are, how cybercriminals use social engineering to fool end users into installing malware or revealing sensitive information and how these scams can be blocked.
Agari’s Chief Scientist, Markus Jakobsson has joined forces with other leaders in the field of cybersecurity to explain what social engineering based scams are, how they are conducted, why the use of social engineering has increased, and most importantly, how organizations can block social engineering based email attacks.
These insights into social engineering attacks have been penned in a new book, Understanding Social Engineering Based Scams, which has now been released via Amazon. The book is essential reading for decision makers and security researchers looking to learn more about the tactics used by cybercriminals to gain access to financial accounts and networks.
“We wrote Understanding Social Engineering Based Scams to help raise awareness of social engineering, which provides the ‘deceit’ component that has powered some of the world’s most visible and successful cyberattacks, including the Ukrainian power grid and Ubiquity attacks in 2015, and the Bangladesh Bank and John Podesta / DNC attacks earlier this year, explained Jakobsson.
The book covers the scams, how individuals are targeted, why people are fooled by these scams and the metrics of email scams, along with how filtering technology can be used to mitigate risk and threats.
Jacobsson said, “We hope to lay the foundation for deeper understanding of the problem as without this understanding, we won’t be able to stop these scams and prevent the subsequent damages.”