Why do we become victims?

I think all these previously mentioned cases show that the main threat in these incidents is social engineering. But why social engineering? What is the reason for being a victim of social engineers? Why could people not prevent themselves from potential attacks?

From my point of view, as it is always observed, the main reason is not being aware and educated enough about cybersecurity. But why? Do you think national organizations do not give enough information on cyber threats and prevention methods? No. From my experience, I am sure all national organizations do their best to educate people. But sometimes the problem is just people. They do not want to receive the information, or they do not care about protecting their data or learning more about the digital world they live in. In the end, they wake up when they become a victim of simple social engineering attacks, or they regret not being careful.

For instance, the first case we talked about in this section shows that people open any link or file sent by strangers. In the second case, people did not pay attention to the domain name of the internet banking page, they did not see that the email came from the domain name rather than the official bank domain name, or they never questioned why the bank would send an email about payment, which had never happened before. The third incident shows that the victim used her computer even when she noticed that her OS password had been reset instead of giving information to the responsible organization. And finally, the last case, which is a very simple social engineering incident, allows us to learn that people still believe straightforward phone callers and they lose lots of money.

Finally, at the end of this section, I would like to give some recommendations for all users:

  • Social engineering attacks (letters, messages, calls, and so on) always contain words or other content that sounds urgent, to make you act before thinking.
  • The attackers usually approach you from your point of view or interests to encourage you to click, download something, or give confidential data, such as your password, bank account information, or just money.
  • One different letter or symbol in a domain name and you are on a fake website and become a victim of phishing. Always try to check the website name or find the web address from the search engine to avoid phishing.
  • Try to learn more about social engineering before you become a victim and lose your data or money.
  • Posting your personal information on the web as a public post gives others more opportunities to make you a victim.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.138.135.80