What I will say for certain is that “Haste does not result in prosperity” so always read emails and notifications with care as Human Social Engineering is not only effective but very unforgiving.
There are many common mistakes that may help you in identifying possible attempt to fool you into making that very expensive foobar, below are just a few to be brief:
- Check in the following area to help you identify misleading information and also the simple mistakes that are made by scammers whose first language is not English.
- The actual email address and any web links presented on the emails, this can be done by positioning your mouse pointer over the blue hyperlink or displaying the properties of an item.
- The Date and Time that emails were send and received as they should equate to the expected working schedules of the sender if they are already known to you.
- Basic English is sometimes a weak point on the adversary part, so look for miss-spelt common words or the incorrect use of words (which is very common in the English language for a word to have multiple uses in different contexts) In this instance, the English Language is working in your favour.
- One important piece of advice that has saved several of our clients from financial loss, has been effective when a member of their accounts team has received a simple request that appears to be from a high ranking official within the company to move company funds. A simple yet important is to have an agreed code word or something that can be checked between the individuals concerned before funds are transferred. At the very least if nothing else, call the person that is requesting for the transaction for confirmation or confirm this predetermined and agreed code.
To conclude I can only say that malicious Social Engineering Techniques whether it is inflicted by email or verbally over the telephone may lead to unprecedented financial losses and for those involved the possibility of individuals having to deal with really devastating personal suffering.
There are many quick educational course’s that staff can be enrolled on to develop their skills in avoidance of targeted Social Engineering attacks. Hopefully, you have found some of this information helpful in the aggressive world of modern communications.