Best practices for preventing social engineering attacks

If you don’t know what social engineering is, you can check my post on “Exploiting Human Vulnerability”, where I explained social engineering and its forms of attack.

In a nutshell, social engineering is the act of convincing someone to give out confidential information, which the perpetrator then uses to compromise the victim.

In this post, I will be addressing how you can prevent these types of attacks.

1. Educate yourself:

The best way to protect yourself from social engineering (SE) attacks is to educate yourself on SE attacks and how they work, and to always be vigilant.

You can’t possibly defend yourself if you don’t know what social engineering attacks look like or how they work.

Being aware of social engineering tricks puts you one step ahead of the game. Don’t get too confident; question everything.

Never give out any confidential information about yourself or your place of work over the phone, text, email, or in person unless you are sure of the person and the motive behind the data collection.

If you get a call from a person claiming to be your bank’s customer care representative, saying your account or card has been compromised and requesting your confidential information, say “I will call you back”, end the call, and call your account officer or go to the bank to verify the state of your account, rather than speaking to whoever called you. “Never give out your Bank Verification Number (BVN) or ATM card PIN and number to anybody; your bank will never ask you for such data.”

2. Security awareness training:


A Texas school district lost $2.3 million in a phishing email scam this year, due to lack of cybersecurity awareness. Source: CNN

Companies and organizations need to train their staff (employees) to spot social engineering attacks and to know what to do to prevent easy hacks.

3. Have a good security policy:

Create a good security policy in your company/organization and back it up with information security awareness.

4. Use different logins for each online service and secure your passwords:

Never use the same password for different accounts and use strong passwords.

5. Use two-factor authentication:

This makes it harder for a hacker to gain access to your accounts, even if your password is compromised.

“No matter how strong your password is, once a hacker gets it you will be compromised. But with two-factor authentication in place, it will lock the hacker out of your account.”

6. Frequently monitor your account activity and personal data:

Be alert to both identity theft and credit card fraud; always check your account balances and account data regularly. If you notice any unusual activity, change your online password immediately or notify your bank.

7. Mind the information you put on public sites:

Twitter users regularly take part in challenges where they tweet their data (the data they often tweet can be used to compromise their accounts). Don’t put sensitive information online for clout.

Never give out any confidential data about yourself or your place of work.

8. Regularly back up:

In the case of ransomware or data loss, you won’t have much to lose.

9. Always update your systems and gadgets:

Updating your systems and gadgets is important because new updates always include critical patches (fixes) for security loopholes in the OS and software.

If you practice the SE prevention methods I discussed, hackers will find it difficult to penetrate your network or compromise your account using social engineering methods.


Thanks for reading. Feedback is always appreciated.

