How Hackers Use Social Engineering To Hack Into Your Bank Account?

By Subodh / January 7, 2017

The progress in computer and mobile technology come with their flip sides. Malware creators and hackers have become smarter and they are developing ways to break into seemingly secure online profiles and even bank accounts. They have succeeded in breaking into online profiles of celebrities and sneaking into corporate bank accounts too. They are increasingly resorting to advanced hacking techniques to break into security of corporate and individual users and these are referred as social engineering attacks.

Social Engineering

Nuances of Social Engineering Attacks

To ensure your bank account details and other sensitive data does not fall into hand of malicious hackers, you should learn the basics of social engineering attacks. While they are targeted more at enterprises and SMBs, individual users can also be at risk.

Social engineering attacks involve cunning forms of psychological manipulation, forcing unsuspecting employees and users to hand over sensitive data. It is done through email most of the times, though other forms of web media are used nowadays. These attacks involve manipulation of human feelings and emotions and so preventing them on enterprise or personal level can be tricky.

[ Read: How To Handle Identity Theft in Today’s High Tech World ]

How Social Engineering Attacks Are Executed?

The social engineering attacks are not targeted at software security flaws or hardware loopholes. Rather, these attacks are aimed at vulnerable areas of human psychology. It really no longer matters if you are using a Windows 10 based workstation or a MacBook.

1. Phishing

This is the most common form of social engineering attacks. A phishing email can appear in your mailbox in many forms. The examples include notifications from banks, courts or high profile government entities, Unsuspecting users may take these fake emails to be real and they may just do what the email content asks them to. Sometimes, these fake emails may land in your inbox informing you of a huge online lottery win. These emails may either contain attachments with malware or ask you to provide your bank account details. Clicking the links and attachments can prove to be disastrous. There have been many instances of unsuspecting users giving away their bank details only to be duped of their money and deposits.

2. Ransomware

This is one specific malware that is being increasingly used by social engineering attackers. Unlike regular computer viruses, the malware will not corrupt your OS or cause the OS to crash unexpectedly. Once the ransom ware is executed by you even by mistake, it takes control of your PC’s data and you are asked to pay a ransom if recovery of data is what you want. Both corporate and infidel users may fall prey to ransomware. Ransomware can be hidden in email attachments or links.

3. Social Media Hoax

The hackers are using the popularity and growth of social media platforms to attack target users. Highly popular and widely used services such as Facebook, Twitter and whatsapp are increasingly being used to spread malware that target users by working on their emotions. Malware containing celeb death hoax videos is one such popular example. Instances of people receiving Facebook links or messages from people in their friend list with malware have also been heard. In these cases, hackers gain control of a Facebook account and thereafter send malware filed messages or links to the friends of that user online. In many cases, the owner of a compromised account gets to know the reality after damage has been done.

Vishing

Emotional Aspects the Hackers Tap into

The social engineering attacks basically exploit some commonplace human feeling and emotions. These are:

1. Fear

Fear is one of the emotions that compel people to give away their private data fast. A fraudulent email seemingly sent by a government entity or court induce fear in mind of the recipient. Another example is fake notification emails mentioning your bank account details are required as your account has been compromised.

2. Greed

Greed is another feeling that makes people divulge their confidential data rather quickly. The fake emails informing the recipient of a jackpot or lottery win taps into the greed of the human mind.

3. Trust

The hackers also play with trust of people when targeting them with numerous social engineering attacks. When you see a Facebook feed appearing in your profile wall from a friend you have known for a long time, you are not likely to suspect it can be infected.

How to Thwart Social Engineering Attacks and Boost Defense Mechanisms

There is no denying the reality that stopping the activities of hackers expert in Social engineering attack tactics is near impossible. They will try to find newer ways of breaking into PC security and user accounts online. However, you can resort to a number of measures to step up defense against these online invaders.

  • Practice caution when it comes to receiving emails from unknown sources and more so for those with attachments.
  • Keep updating system security software and scan suspicious attachments before opening. It is also necessary that you look for extension of email attachments before opening them. Attachments with extensions like Bat and Exe are more likely to contain malware and virus.
  • For emails claiming to be sent by bank, court or such authorities asking for personal details, do not respond. If necessary, you can contact respective agencies.
  • Make it a habit to alter your email and other online profile passwords periodically. Whenever possible, resort to two step authentication, like the one offered by Gmail for enhanced security. This makes things difficult for the hackers.

Got any suggestions? Let me know in the comments below!