We define Social Engineering as \u2018attacking the human\u2019. Which sounds quite brutal and although in the world of cyber this is not a physical attack against a human \u2013 it is a threat that seeks out human vulnerabilities.<\/p>\n\n\n\n
I normally talk about what makes us human by describing your average person as:<\/p>\n\n\n\n
Loving and trusting. Most people on the planet are kind, charitable and peaceful.<\/p>\n\n\n\n
Pack animals. We, by our very nature and existence are herd or pack animals. We live in close family units, within towns or cities and countries with history, traditions and culture that make us who we are. We are also very patriotic, family orientated and biased because of our way of life. We also follow the herd for a large percentage of the time.<\/p>\n\n\n\n
Lazy. We will normally take the quickest or easiest route available. Whether that be a trip to the shops, path to success or way to make money \u2013 if there is a quick and easy option, we will take it.<\/p>\n\n\n\n
There are lots of other traits that make us who we are and of course there are some that don\u2019t fit into this general model.<\/p>\n\n\n\n
The attributes above give us strength \u2013 but inversely make us vulnerable.<\/p>\n\n\n\n
When there is a realistic threat which seeks to exploit a vulnerability \u2013 then we are all at risk of attack.<\/p>\n\n\n\n
Cyber threats that involve social engineering are widespread and the techniques, tactics and procedures employed by threat actors are equally diverse.<\/p>\n\n\n\n
One thing that criminals in particular are good at is evolving and developing new techniques quickly to circumnavigate problems or to exploit new avenues of opportunity.<\/p>\n\n\n\n
We witnessed this several years ago at the outbreak of Covid. Criminals in all forms were using the vulnerability of humans to exploit them. Watering Hole sites, phishing campaigns and online fraud using the cover of Covid all sprang up.<\/p>\n\n\n\n
And so it should be no surprise that the outbreak of war in Eastern Europe should present an opportunity for cybercriminals to rejig their tactics to expose those human traits.<\/p>\n\n\n\n
We all want to help. If you are not able to sponsor a refugee then the easiest way to help is to make a donation to a charity which is helping. Serves several purposes \u2013 helps your fellow human, makes you feel good about doing something and is quick and easy. Some others have rented vans and trucked to Poland to deliver aid, others are running marathons and some are physically in place to assist NGOs where they are needed.<\/p>\n\n\n\n
Me – I will log on and donate a couple of quid.<\/p>\n\n\n\n
But let the donator beware! In the latest NCSC Weekly Report (25 Mar 2022) there is a small but perfectly formed item entitled \u2018Phishing scams \u2018fundraising\u2019 for Ukraine\u2019.<\/p>\n\n\n\n