9 Tips Against Social Engineering

5 min readJul 7, 2021

When most people talk about cybersecurity, they say that technological tools are the best solution to protect themselves against hackers. But companies and networks may take a different approach, such as making progress on human vulnerability. In this way, they can protect themselves against social engineering that causes data networks to be exposed or accessed. For example, a hacker may pretend to be an IT officer and ask employees to disclose information such as usernames and passwords. Most employees won’t think twice about presenting this information, especially when they believe the other person is trustworthy. So what should employees do in this situation? Here are 9 tips against social engineering!

9 Tips Against Social Engineering

1. Take your time!

Be especially careful when the person contacting you has an urgent request. In this way, hackers aim to prevent their hackers from thinking about the issue. If you feel pressured, ask for time to make a decision. Say you need to ask your manager or you don’t currently have the requested information. Usually, hackers don’t push their luck in such situations.

2. Check if the situation presented to you is realistic.

Social engineering attacks hackers try to rush you so you can’t think analytically. It is very important that you take the time to check whether the situation presented to you is realistic. In this way, you can detect many attacks.

3. Test the sender.

Check if the person contacting you has the information you expect them to have, such as your full name. For example, a bank or online shopping site that you use frequently has access to all your data. If there is a problem with your account, they can access this information without calling you. However, when they reach you, they usually ask security questions. If the person contacting you does not fit this profile, you may be receiving a fake email/call/message.

4. Request ID from people you don’t know.

In social engineering attacks, hackers may try to bypass security to enter a building. For this, they wait for someone helpful to let them in. Don’t be fooled by this and request identification from people you don’t know. Likewise, you can verify the name and phone number of callers before responding to information requests. If you don’t know the person who contacted you, find an excuse to hang up and contact another official to check the accuracy of the request.

5. Keep calm and find another way of communication.

In social engineering attacks, hackers create an emergency. They don’t want their victims to think too much about what’s going on. When you pause for a second to think about it, the hacker might panic and back off from the attack. For example, instead of providing that information to someone who requests your information by telephone or clicking a link, you can reach the organization or person who claims to have reached you in another way. You can reach a person claiming to be someone you know from your phone book and verify their request.

6. Check the sources of emails or tools like USB devices!

Take a few moments to think about who is reaching out to you, don’t blindly trust the other person. Be wary of matters that sound suspicious. It’s pretty easy to check the sources of emails or tools like USB devices.

For example, you can look at the header of a suspicious email and check if you’ve received any more emails from the same sender. In addition, before clicking on suspicious links, you can hover your cursor over them to see where the link will take you. Finally, watch out for typos. Famous companies check their e-mail countless times especially to avoid typos, so an e-mail with typos is more likely to be fake. If you do not feel comfortable after doing all this, visit the official website of the company and contact a representative.

7. Use an up-to-date spam filter in your email.

If the e-mail program you are using is not good at detecting fake e-mails, protect yourself with an up-to-date spam filter. If you are already using a spam filter and are still receiving suspicious emails, you can change your filter’s settings. Effective spam filters have a variety of tools that determine how likely emails are to be spam. They can detect whether file attachments or links are suspicious and analyze the content of the email. In addition, most email filtering tools have a blacklist of suspicious IP addresses or sender IDs.

8. Make sure the tools you use are safe!

  • Constantly update your anti-malware, antivirus and similar protection software.
  • Be careful not to run your computer or mobile device in administrator mode.
  • Avoid using the same password over and over in your accounts on different sites.
  • Take advantage of two-factor authentication on your important accounts, such as your work account.
  • Immediately change the automatic password given to you when you open a new account.
  • Follow new cybersecurity threats on our blog.

9. Be careful with the information you share on social media!

Think twice before sharing sensitive information on online platforms like social media. The information on these platforms can fall into the hands of hackers and hackers can use this information in their attacks. For example, never post the answer to your security question on social media, or mention something that has happened to you recently. In addition, you can close your account to strangers to feel more secure.

9 Tips Against Social Engineering: Take Advantage of Our Anti-Phishing Tools!

Social engineering attacks are very dangerous and can cost you dearly. Because in such attacks, hackers can use completely normal situations as an excuse and easily reach their goals by taking advantage of them. It is very important that you are aware of exactly how these types of attacks occur. You can use our Cyber ​​Security Awareness Training tool for this. In addition, you can test your email and prepare yourself for suspicious situations with our Email Threat Simulator tool. If you take such basic precautions, you are very unlikely to be a victim of social engineering. You can visit our website to browse more of our tools.