Social engineering is a term popularised in the 90s by the now-famous computer hacker Kevin Mitnick. While the concepts encapsulated by the term have been around since long before the 1990s, today it refers to the psychological and emotional manipulation a criminal employs in order to obtain private or sensitive data. A social engineer almost always exploits human weaknesses to gain trust and develop a sturdy relationship with the victim.
What instantly comes to mind, of course, is the notorious ‘Tinder Swindler’, Shimon Hayut, also known as Simon Leviev, who was recently exposed in a Netflix documentary as a scam artist. He employed social engineering to form romantic relationships with several women before defrauding them out of a great deal of money. By posting pictures on yachts, private jets, and in designer clothes, Hayut preyed on women looking for love, putting them in debt for life. The type of social engineering he employed has been aptly named ‘romance fraud’.
While social engineering techniques have been around for decades, Hayut’s recent exposure has shone a light on the dangers of social engineering and has reminded us to be hyper-alert to these scams. Coming out of 2 years of lockdowns, during which meeting potential suitors has proven to be more challenging than ever, people looking for love have become susceptible to this type of scam.
Here are some common forms of social engineering to watch out for:
- Phishing Attacks
This type of scam involves the attacker disguising themselves as a reliable individual, mostly via email. Often, a phishing scam will appear to come from a known entity, such as a bank, where the hacker will say something like “Reminder: Your Password Expires in Less Than 24 Hours” and will subsequently ask the victim to click on a link to renew the password. The victim thereby leaks sensitive information and the attacker gains access to data. Transparent managed security company, Expel, analysed the incidents they investigated in August 2021 and found phishing to be the attack vector that was most commonly exploited, making it increasingly important for ordinary individuals to be able to recognise it.
- Tailgating
This occurs when an unauthorised person gains access to private data either by posing as someone with the correct authentication or by exploiting the willingness of a victim to help the scammer out of a ‘predicament’. Often, these social engineers can also be referred to as confidence tricksters, as they use their self-assertion as a manipulation tool. An example of tailgating would be someone who pretends to have forgotten a password to a restricted site, and asks the victim of the attack for a temporary password so that the hacker can access the data.
Granted, the thought of having one’s emotions manipulated by such scam artists can make one feel particularly vulnerable. There are, however, certain techniques to apply which can act as a defence against these traps.
In relation to romance fraud and the Hayut fiasco, cybersecurity expert at Mimecast, Duane Nicol, is quoted in an article by news website, IOL, saying that a red flag to watch out for is “if it’s too good to be true, it probably is”. He encourages trusting one’s instincts in these potentially dangerous situations. Cyber security leaders in the industry advise that human error can be the weakest link in any organisation. Employees at all levels should be educated on these defence tactics.
Our AI solution understands your environment, finds weaknesses, replicates and makes recommendations to fix. Integrating security into your DevOps before production means that vulnerabilities are validated during test and development to ensure production systems are secure during development.
The Nihka Technology Group is a South African technology company based in Johannesburg, South Africa. The Group is focused on bringing the digital future to both the private and public sectors, locally and globally, by delivering innovative, integrated technologies and intelligent solutions. Nihka offers end-to-end multi-dimensional consulting with an emphasis on integrating the human potential. Bringing EQ into AI.