8.5 Social Engineering Countermeasures
Social Engineering Countermeasures
- Good policies and procedures are ineffective unless they are taught to employees and continually reinforced.
- After receiving training, employees should sign a statement acknowledging that they understand the policies.
- Password Policies:
  - Periodic password change.
  - Avoiding guessable passwords.
  - Account blocking after failed attempts.
  - Length and complexity of passwords.
  - Secrecy of passwords.
- Physical Security Policies:
  - Identification of employees by issuing ID cards, uniforms, etc.
  - Escorting the visitors.
  - Access area restrictions.
  - Proper shredding of useless documents.
- Training: An effective training program should cover all security policies and the methods used to raise awareness of social engineering.
- Operation Guidelines: Make sure sensitive information is secured and resources are accessed only by authorized users.
- Access privileges: There should be administrator, user, and guest accounts with proper authorization.
- Classification of Information: Categorize the information as top secret, proprietary, for internal use only, for public use, etc.
- Proper Incident Response Time: There should be proper guidelines for reacting in case of a social engineering attempt.
- Background Check and Proper Termination Process: Insiders with a criminal background and terminated employees are easy targets for procuring information.
- Anti-Virus/Anti-Phishing Defenses: Use multiple layers of anti-virus defenses at end-user and mail gateway levels to minimize social engineering attacks.
- Two-Factor Authentication: Instead of fixed passwords, use two-factor authentication for high-risk network services such as VPNs and modem pools.
- Change Management: A documented change-management process is more secure than an ad hoc process.
How to Detect Phishing Emails
- Seem to be from a bank, company, or social networking site and have a generic greeting.
- Seem to be from a person listed in your email address book.
- Give a sense of urgency or a veiled threat.
- May contain grammatical/spelling mistakes.
- Include links to spoofed websites.
- May contain offers that seem too good to be true.
- Include official-looking logos and other information taken from legitimate websites.
- May contain a malicious attachment.
- The Netcraft anti-phishing community is effectively a giant neighborhood watch scheme, empowering the most alert and most expert members to defend everyone within the community against phishing attacks.
- PhishTank is a collaborative clearing house for data and information about phishing on the Internet.
- It provides an open API for developers and researchers to integrate anti-phishing data into their applications.
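The checklist above can be turned into a simple indicator scorer over a raw email. This is an added example, not code from the original notes, Netcraft or PhishTank; the sample message and its domains are constructed and hypothetical.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample (hypothetical domains, not a real phishing message) that shows
# several indicators from the checklist: a forged-looking sender, a generic greeting,
# urgency wording, and a link whose visible text does not match its real target.
SAMPLE_PHISH = """\
From: "support@examplebank.example" <noreply@mailer-notify.example.net>
To: user@example.org
Subject: Urgent: verify your account within 24 hours
Content-Type: text/html

<p>Dear Customer,</p>
<p>Your account will be suspended unless you verify immediately.</p>
<p><a href="http://examplebank.verify-login.example.net/">https://www.examplebank.example/login</a></p>
"""

GENERIC_GREETINGS = ("dear customer", "dear user", "dear member", "dear account holder")
URGENCY_TERMS = ("urgent", "immediately", "within 24 hours", "suspended", "verify your account")
RISKY_ATTACHMENTS = (".exe", ".scr", ".js", ".vbs", ".hta", ".iso", ".docm", ".xlsm")
LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)


def phishing_indicators(raw: str) -> list[str]:
    """Return the checklist indicators a raw RFC 5322 message triggers (empty list = none)."""
    msg = message_from_string(raw)
    hits, body = [], ""
    for part in msg.walk():
        name = part.get_filename()
        if name and name.lower().endswith(RISKY_ATTACHMENTS):
            hits.append(f"risky attachment: {name}")
        if part.get_content_type() in ("text/plain", "text/html"):
            payload = part.get_payload(decode=True) or b""
            body += payload.decode(part.get_content_charset() or "utf-8", "replace")
    text = (msg.get("Subject", "") + "\n" + body).lower()
    # Display name that looks like an address but sits in a different domain than the real sender.
    display, addr = parseaddr(msg.get("From", ""))
    if "@" in display and display.rsplit("@", 1)[1].lower() != addr.rsplit("@", 1)[-1].lower():
        hits.append(f"spoofed sender: shown as {display}, actually {addr}")
    if any(g in text for g in GENERIC_GREETINGS):
        hits.append("generic greeting")
    if any(u in text for u in URGENCY_TERMS):
        hits.append("urgency or veiled threat")
    # Visible URL text whose host differs from the href host: a link to a spoofed site.
    for href, anchor in LINK_RE.findall(body):
        shown = re.sub(r"<[^>]+>", "", anchor).strip()
        if shown.startswith(("http://", "https://")) and urlparse(shown).hostname != urlparse(href).hostname:
            hits.append(f"link text {shown} actually points to {urlparse(href).hostname}")
    return hits
```

Running `phishing_indicators(SAMPLE_PHISH)` flags four indicators; a plain personal message with a matching sender and no links returns an empty list.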
Identity Theft Countermeasures
- Secure or shred all documents containing private information.
- Ensure your name is not on marketers' hit lists.
- Review your credit card statements regularly and never let your card out of your sight.
- Never give out personal information over the phone.
- To keep your mail secure, empty your mailbox promptly.
- Treat every request for personal data with suspicion and verify it.
- Protect your personal information from being publicized.
- Do not display account/contact numbers unless it is mandatory.