Social engineering: 7 signs that something is just not right

Comprehensive awareness training for your company’s employees should prevent these scenarios from taking down your network.

social engineering
Credit: Thomas
Keep an eye out for this

The best remedies a company can put in place start with education and teaching what to look for and what not to do. Morey Haber, vice president of Technology, BeyondTrust, lists some of the gotchas that should make your employees back away from the incoming email.

4 ru
Credit: Marc Veraat
.ru is safe, right?

Verify the links are for real domains and not questionable like .ru. There are several free services available, which can be found with a quick Google search, that can assist with verifying links. Never click before verification of a link.

social engineering
Credit: Clay Junell
Poor grammar

If there are simple typos or grammatical mistakes, or the subject line seems odd, it could potentially be a fake.

social engineering
A trusted source?

Verify the email address is really an internal address and from a trusted source. Do this by sending your own new and unique message to the alleged sender in question. Do not reply to a possible fraudulent email, as phishing criminals can very easily spoof an address so it appears to be from a trusted source.

social engineering
Question the source

If your name is not in the To: or CC: line, or many of your colleagues are listed (dozens or even hundreds), question the source.

social engineering
Personal information

If an email requests any sensitive information like your address, bank accounts, Social Security, or even date of birth, it is probably a fake. There is no reason someone (or company) should be collecting this information from you blindly; especially in an email format. 

Change your password?
Credit: Nana B Agyei
Change your password?

If an email requests you change a password by clicking on a link, just don’t do it. Even if the email appears perfectly legit, open a browser and go to the website using the proper URL instead. Then, change the password after you login. Some of the best phishing emails look perfect when compared to these recommendations and will catch you by just changing your password. 

Big bucks is in your future
Big bucks is in your future

Does the email promise you money or claim you have inherited money? If so, it's probably a fake. Any email that claims it has money in your name, asks you to send money to pay taxes and release the funds, or that you have won money, is a fake.