Social engineering attacks can put your company at risk. Although they frequently involve the use of email, there are several varieties that do not require emails. An example is a “misplaced flash drive.” In this type of attack, the hacker will “accidentally” leave a flash drive somewhere, like the parking lot. They will hope that an employee will pick up the drive and put it in a company computer to discover the owner. Instead, doing so will release malware. There are also the now-famous phone calls that claim to be someone from Windows Technical Support who just wants remote access to the computer.
Over the last decade, hackers have increased their skills with email-based social engineering scams, including the following ones that small business owners must keep in mind and protect against.
- Spear Phishing
- Whaling
- Pharming
- Smishing