Complex scams and spear phishing attacks on companies have increased massively recently. The BSI expects “a further increase in well-crafted, automated social engineering attacks in the future.”

The hackers not only use sophisticated technical methods, but also psychological mechanisms that exploit our deepest emotions and motivations. Often these mechanisms are not explicitly known to the victims in advance and are only apparent at second glance. However, psychological studies show that if a victim has knowledge of a manipulation attempt, it is far less successful.

[mk_ad]

How hackers decrypt your psyche!

Pressure/fear

Possible penalties are threatened if action is not taken (e.g. reminder fees in an incorrect invoice email), or artificial time pressure is created (“act now or an important project is at risk”).

Greed

A reward or possible benefits are promised (“Sign up here to receive employee benefits”).

Curiosity/interest

Supposedly explosive information is promised (e.g. an Excel file with the title “Salary data-2018.xlsx”) or exciting content is hinted at (“Is that you on the video?”).

Trust

Supposed similarities are cited to generate additional trust (“We recently discussed this topic”).

Praise/flattery

The victim is grabbed by his vanity to obtain information (e.g. in the form of an interview request to a “recognized expert in a specific field”)

Willingness to help

People like to help other people. Attackers take advantage of this by encouraging behavior that supposedly helps a third party in an emergency situation (e.g. a USB stick is lying in front of the factory premises. By plugging it in, you may be able to find the owner).

authority

The attacker exploits the natural hierarchy in a company (e.g. by impersonating a superior or a public authority).

Here's how you can protect yourself from a hacker:

[mk_ad]

Basic attitude: alert. Be careful with unusual requests - especially if you recognize the principles mentioned! If emails directly ask for money or password information, this is also a sure sign of phishing.

Sender: verify. If in doubt, try to verify the sender, for example by contacting them in another way or in a separate email. Please also contact your IT department.

Knowledge: keep informed. Stay up to date on current waves of fraud or phishing. Your employer may provide ongoing information about current phishing attacks or have an eLearning platform on security topics.

Posters!

Poster: How hackers decrypt your psyche!
Poster: How hackers decrypt your psyche!

to sensitize your employees to the most common tactics and psychological tricks in the area of ​​social engineering SoSafe GmbH, a partner of the Alliance for Cyber ​​Security, has compiled and explained them in a concise poster. This poster is suitable for printing and hanging in the coffee kitchen or in the hallway (it has sufficient resolution for printing in DIN A3 ) as well as for sending digitally as a PDF file as part of an awareness campaign.

Sources: BSI , SoSafe Cyber ​​Security Awarness


If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:

📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.

Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!

* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!


Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )