Products & services
Raise awareness
Develop knowledge
Behaviour change
Developing cyber security maturity
Cyber security
Data protection & privacy
Health & Social Care
Subscriptions
Raise awareness subscription
Develop knowledge and skills subscription
HRM Platform
TSC's Human Risk Management Platform
Learn More
TSC HRMP Brochure Leaflet
TSC Human Risk Platform Reporting
Phishing Simulator
Smishing Simulator
Vishing Simulator
Incident Responder
Awareness Educator
Email Threat Simulator
Success stories
Resources
eBooks
Reports & White Papers
The Insider
Webinars
View all resources
Health & Social Care
Financial Services
Insurance
Critical National Infrastructure
Pharmaceutical
Aerospace & Defence
Behaviour change
Culture change
Employee awareness
Board engagement
Data protection
About
About
Our methodology
Our team
Careers
Book a demo

TSC on ITV
The Tonight Show

5th December 2024 - 8:30pm
ITV Banner
Social Engineering

Top Tips

Protect yourself

Don’t be tricked by social engineering tactics

Social engineering is an attack method that relies on human interaction and often centres around the cybercriminal using persuasion and/or confidence in their approach.

The aim of social engineering is to influence or trick people into providing sensitive information such as their password alongside other details such as their name and address.

When cybercriminals use social engineering, they will conceal their true identity and motives and present themselves as trusted individuals. Ultimately, they rely on people's willingness to be helpful.

For example, a social engineer might be offering a gift but need you to answer some questions to be eligible for the item.

Follow these top tips to stay secure:

  • Keep your passwords secret

There is no point creating a long and strong, unique password if somebody else knows it. It is essential that you keep your password to yourself – do not reveal it to anybody, even to family or friends, or people who say they need it for you to be eligible for something. The fewer people who know it, the fewer points of attack for a cybercriminal.

  • Make your passwords long, complex, unique and memorable

Research suggests that many of us reuse our passwords across various accounts. Once one password has been compromised, cybercriminals will attempt to use it for all of your accounts – this is why it is essential to have different passwords for different accounts. Making passwords long and complex will make it difficult for cybercriminals to crack your password with readily available software.

  • Use multi-factor authentication

One of the most effective options for additional protection is two-factor or multi-factor authentication (2FA/MFA). MFA requires you to authenticate yourself using additional measures in conjunction with your password. For example, using biometrics or a passcode generated in an app or sent to your phone.

This means that even if somebody steals or cracks your password, they will be unable to log in to your account as they do not have the secondary identifier required.

  • Be social media savvy

You might be surprised by how much information about you is online, and how much of it could be used to compromise your passwords.

You may not have even shared the information consciously. For example, have you ever taken a fun social media quiz such as ‘Discover your showbiz name’? Perhaps it told you to simply enter your pet’s name and your mother’s maiden name to reveal your showbiz moniker.

Always think carefully before giving anyone your personal information.

Password Security

In summary - protect yourself and your online space

Your online accounts contain huge amounts of information about you that a cybercriminal could use to steal your identity. To protect them:

  • Use long, strong passwords, and use a different one for every account
  • Use multifactor authentication and biometrics (such as fingerprint or face scanning) wherever available
  • Never provide sensitive information about yourself, such as your full name, your hometown and your pets’ names, as these all help cybercriminals build a picture of you
Security Awareness

Just in case…

No matter what steps you take, there’s always a chance that a cunning cybercriminal can steal your identity. To protect yourself in case the worst should happen:

  • Regularly back up your data to a trusted cloud application
  • Consider taking out identity fraud alerts with trusted providers
  • Keep an eye on your bank accounts for any unusual activity

Your identity belongs to you. Be secure and keep it that way.

Scam Alert PDF

Can you spot the scam?

This free downloadable PDF, details some of the common signs that you need to look out for when you suspect something is a scam.

Our informative PDF includes advice on:

  • Fraudulent and malicious URLs.
  • Subject line advice.
  • The signs of phishing.
  • And more on how to spot scams!

Don’t get caught out, learn the signs and protect yourself from cybercrime.

Click below and get our PDF for free. 

VIEW NOW

See how we can help you protect your organisation today?

Circle 01
Circle 02
Circle 03

Join our mailing list

Subscribe to the TSC newsletter to receive exclusive news and advice
Stay up-to-date with The Insider
The Insider is an online publication, dedicated to information security and employee awareness.
Become an insider
Our services
Company
Resources

© The Security Company (International) Limited 2023
Office One, 1 Coldbath Square, London, EC1R 5HL, UK
Company registration No: 3703393
VAT No: 385 8337 51

Cyberessentials certification logo
EOA logo
Disability Confident Committed Footer Logo
Design & Development MadeByShape