This article applies to everyone!
At TeamViewer, we want to help you be prepared for any potential scam attacks. Therefore, we released our Five Rules to protect against Social Engineering.
The original source is the blog post "The danger of Social Engineering".
1. Recognize it is real
The first thing is to make yourself aware that scams and Social Engineering attacks are real and that anyone can be targeted.
With this knowledge, you are already halfway to protecting yourself.
2. Stay alert
The next step is to stay alert. If you have the feeling that something isn't right or sounds too good to be true, remind yourself of what you know about Social Engineering: maybe someone is trying to trick you and take advantage of you.
If you ever find a USB stick in front of your office, do not plug it into your computer to find out who lost it. Instead, bring it directly to a technical expert and explain to them where you found it. Chances are that a fraudster placed it there, hoping that you would find it, plug it into your computer, and thereby give them access to your company network. This scam is called USB baiting and can cause severe damage to your company.
You should also keep in mind that there is no prince out there who needs your help and will pay you back millions if you do him a favor right now. An email saying this is a quid pro quo scam. Don't be fooled by it.
3. Stay calm
If you get a suspicious phone call or email, it is better to hang up the phone, delete the email, or shut down your computer and take a break to reflect on what occurred. And don't worry: it is not rude to simply hang up.
Slow down and take your time to think about what happened. Does it really sound plausible? Do you have any way to prove whether what they want to make you believe is correct?
Do not let anybody rush you or force you into a decision you have not thought through completely. And never wire money to a caller or to anyone else who reached out to you. Do not make a bank transfer, a gift card payment, or any other form of virtual payment you have been asked to make.
These days there is no such thing as being "too security-aware".
4. Question everything
You should always question information, question emails and their senders, and question any offers you get. And think twice before sharing any of your data. Unless you are certain who you are speaking to and that the specific information you are asked to give is needed, refuse to give out any information or personal data.
It might slow down your pace a bit, but it is safer for you, your family, and your company. And not being tricked by a criminal will save you a lot of time and trouble in the long run.
Do not click on hyperlinks in suspicious emails. I know it is so easy and saves so much time, but typing in the URL yourself is necessary to ensure you are navigating to the trustworthy website. Remember that phishing websites can look exactly like the website you were looking for.
5. Use software to help you
Make sure to install proper software to help you protect yourself.
Keep your software up-to-date and install security patches as soon as they are available. Download software directly from the company website.
Running the latest version of your operating system and software is a significant pillar of keeping yourself secure. And never underestimate the benefits of having robust antivirus software. It can assist you in recognizing hacking attempts.
You must know that there is no software out there that can protect you 100% from Social Engineering. It is you! Only you can protect yourself by being aware of Social Engineering. Software can only support you.
Educate your loved ones: A typical scam call
Feel free to hand the graphic below over to your friends or family members to raise their awareness of scam calls too.