As long as there has been money to be made, there have been social engineering attacks. Why? Because all social engineering is trying to get people to believe something and have them act upon it.
Social Engineering has been happening for a long time, well before email. Back in 1925, a French con artist used social engineering tactics to try and sell the Eiffel Tower. Even the infamous Nigerian Prince scam has its roots in 18th-century cons, while the modern-day version has also been executed via snail mail and fax.
Now, of course, social engineering is most associated with phishing. Some of the most common attack forms are spearphishing and Business Email Compromise. These take various forms, but all are trying to get the end-user to do something they don't want. For example, many BEC attacks will see the hacker posing as an executive, asking for a favor. The favor varies, but it often has to do with purchasing a gift card. Gift cards are more complicated to trace than straight cash. They are hoping that the end-user will buy a gift card, since an executive is asking. In reality, the money will go straight into the attacker's wallet.
And hackers have it easy now. Collecting people's information is easy—just a simple Google or LinkedIn search, and hackers will know a person's job, location and interests, allowing them to craft a convincing phishing email.
When there is money to be made, bad actors will do everything they can to obtain it. With phishing, it's never been easier.
Unless, that is, you have Avanan, which prevents malicious emails from reaching the inbox, so there's no way for hackers to try and convince them to do something.
In this whitepaper from Check Point, learn the long history of social engineering, its troubling future, and how Avanan and Check Point will help keep your organization safe.
