Have you ever been contacted by an unknown number claiming to be your friend or colleague? Since the account uses a photo of your friend or colleague, you may believe that it is someone you know. The account then asks you to lend money. But unfortunately, it turns out that this person is only pretending to be your acquaintance. Incidents like this are often referred to as soceng a.k.a social engineering. Let’s find out what the types of soceng are and how to prevent them!

[Also read: Get to Know the Roles of Sales Invoices in Business]


What is social engineering?

Social engineering or soceng is a way of manipulation that utilizes human error so that the perpetrators can obtain and access private and valuable information. One type of social engineering that is often done is to make users access data so that the device they use will be exposed to malware attacks. In addition, social engineering can also be done by providing access to restricted systems. The social engineering mode can be done directly, online, or through other types of interaction.


Types of social engineering


As already explained, social engineering can be done in various ways. Here are some types of social engineering that are often found.


1. Baiting


Baiting alias bait attack is a mode through false promises made by increasing the target’s curiosity. The baiter will then take advantage of the target’s personal information. Apart from that, they can also use malware to disrupt the system.

[Also read: Being a Consistent Businessman, What Are the Benefits?]


2. Scarware


The scareware mode is carried out through threats that are sent to the victim. These threats will make victims think that the system they are using is infected with malware. Then to overcome this, the victims were asked to install the software. In fact, the software does not work to deal with malware.


3. Pretexting


When pretexting, social engineering actors will try to get information through several frauds. Usually, pretexting begins with a message given by the perpetrator to the victim regarding the existence of emergency information that requires the victim to act immediately. To convince the victim, the perpetrator will also build trust, for example pretending to be a co-worker to a bank officer.


4. Phishing


Phishing is one of the most common types of social engineering, especially in e-mails and short messages. The message will contain emergency conditions or conditions that make the victim feel afraid. Then, they will be directed to click on a link that actually contains a malicious link or a link that contains malware.


Tips for avoiding social engineering.


Basically, social engineers aim to manipulate victims through curiosity and fear. This condition then makes the victims trapped. To avoid social engineering, there are several things you can do, such as the following tips.


1. Use multi-factor authentication


One effective step that will help you avoid social engineering is to use multi-factor authentication. You see, this step will prevent social engineers from accessing your account. When you use multi-factor authentication, you may be asked to do two steps before logging into your account, such as through a password and a code sent via SMS.


2. Beware of tempting offers


Regardless of how attractive the offer you receive, you must not act rashly. First, gather as much information as possible on the internet to ensure that the offer is not a scam. In addition, you also need to use an updated anti-malware or antivirus tool.


3. Do not carelessly open email


If you get suspicious emails and links, don’t rush to open them. Be sure to check first to determine whether the sender of the message is a trusted source or not. In addition, even though you already know the sender, you must also remain vigilant and ensure that the service provider is an official account.


In the midst of the many conveniences that we can experience through advances in digital technology, we must remain wise and not immediately trust the offers we get. As a business owner in the digital era, you also need to ensure the security of your business through the use of the Cashlez business application that has received a license from Bank Indonesia. In addition, you are also not allowed to share personal data such as passwords and PINs.

Share : icon icon