Security as a Business Enabler

Security is a business enabler; if you would like to have a sustained business, security has to be one of the top priorities. Security is about keeping customers' data safe and making it much harder for criminals to break into your business data.

Social Engineering for stealing Passwords

Social engineering is one of the methods used to steal passwords. Cybercriminals use it as an easy alternative to technical attacks. Social engineering is psychological manipulation: grooming and tricking people or employees into divulging credentials.

never use easy passwords


A typical example is an attacker who calls your helpdesk saying he is a user working for the company in XY department and needs his password reset.
Under a well-organised, professional IT structure, users who have lost or forgotten their passwords have to come in person and present an ID card to reset their passwords, but smaller, less professional setups might permit users they know well to reset over the phone based upon recognizing their voices or answering some very basic cognitive questions. This type of policy is a recipe for disaster.

Other types of social engineering include simply trying to gain information about the target user or network the attacker wants to get into. The bad guy could pretend to be interested in a job and, during the interview, ask a human resources staffer about technical details of the network, users, services and so on to gain more intelligence about the company.
The last and most common example of social engineering is tricking someone into holding an access door open for the bad guy to enter a facility without identification.

How To Mitigate Social Engineering?

User training

Social engineering can be mitigated by providing cybersecurity awareness training to all your staff. Training can help prevent not only social engineering but also accessing the wrong websites and downloading unauthorized software, which can cause serious damage leading to a denial of service (DoS). Training can help prevent this threat and many other threats to a network. Also, responsible network administrators train their users never to divulge their passwords to anybody for any reason.

Strict password Policy

A password policy is a set of rules designed to enhance computer security by encouraging users to employ strong passwords and use them properly. A password policy has to be part of an organisation's official regulations and may be taught as part of security awareness training.

Useful link for easy password

I’d like you to watch the YouTube video below to understand how easy it is to crack easy passwords:

If you found this short article useful, please share it with your friends, and if you would like some advice on how to secure your data, get in touch at

Free Security Assessment

We offer a free comprehensive security assessment in 16 areas of vulnerability, so that the problem is approached head-on to save our clients time and money.
