How to Fend Off Social Engineering Attacks

Social engineering is one of the most common and effective ways attackers acquire a computer user’s personal information and use it unethically. They use numerous tricks to get access to your personal data, email accounts, online account information, and financial records, for example by tricking you into downloading a keylogger or other malware that records your keystrokes and takes control of your computer.

Attackers who perform social engineering attacks con you into sharing critically important information with them. They play clever tricks to trap unsuspecting users without arousing suspicion, so it is often hard to know how to build a robust layer of defence against this real threat. You need to be very careful with your personal and sensitive details. The measures listed below help keep your accounts and personally identifiable information out of the reach of hackers, snoopers, and attackers.


Attackers use phishing to attack the targeted machine. Phishing through email is one of the most common ways of trying to get the password to your financial accounts, email account, or other websites. Users who use one password for most of their accounts may fall into serious trouble if a thief learns it: attackers know that most people use the same password for multiple sites, so they try it on a variety of websites.

You can protect yourself by being careful when clicking on links and downloading email attachments. Don’t click on links or download email attachments if you don’t know and trust the sender. Double-check the URL or attachment, and verify with the sender if you’re not sure that the email really came from someone you know.

Also, don’t give out your personal and financial information through email. Many people will try to appear to be legitimate professionals and ask you to provide your banking information. They may pretend to be from your bank or financial institution and ask you to verify some important information by clicking on a link given in an email. If you suspect a phishing attempt, talk to your bank immediately to confirm whether it is a scam.

Social Media

Social engineering is more about hacking a person’s emotions than actually hacking their website or computer. It is not rare for people to turn to social media to try to get confidential information such as the company you work for, your account’s password, or any other information that’s valuable to them.

To learn about you, all an attacker has to do is go to your social profiles and find out which company you work for, how many people are in your family, where you live, how old you are, who your friends are, what your hobbies are, etc. Once the con artist knows the required details, they may whip up a text or email with an attachment or link carrying some sort of malware and send it to the targeted user to seriously ruin their business, client, data, and day.

To fight such attempts, keep your social media accounts as private as possible; make your posts available to family and friends only. Be careful about accepting friend requests sent to you through messages, emails, and social media platforms.

Phone Calls

If you get a call from an unknown number, play it safe by not answering. If it is an important call, the caller will leave a voice message. When following up on such calls, make sure you confirm the company the person is calling from. Be careful and verify that the person is who they say they are.


Before visiting a website, check its URL. Social engineers often carefully groom their targets to make sure they click a link. Make sure it’s the right domain (.com, .org, etc.), and also check for misspellings in the URL.
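The two URL checks above (right domain ending, no misspellings) can be automated against a list of sites you actually use. This is an added example, not part of the original article; the allowlist, the sample URLs and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist (assumption): domains this user really does business with.
TRUSTED = ("examplebank.com", "example.org")

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def registered_domain(url: str) -> str:
    """Last two labels of the URL's host name.

    Simplification: ignores multi-label suffixes such as .co.uk.
    """
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    return ".".join(host.split(".")[-2:])

def check_url(url: str, trusted=TRUSTED) -> str:
    """Classify a URL as trusted, wrong-tld, misspelling, unknown or invalid."""
    domain = registered_domain(url)
    if not domain:
        return "invalid"
    if domain in trusted:
        return "trusted"
    name, _, tld = domain.rpartition(".")
    for good in trusted:
        good_name, _, good_tld = good.rpartition(".")
        if name == good_name and tld != good_tld:
            return f"wrong-tld:{good}"      # right name, wrong ending (.org vs .com)
        if edit_distance(domain, good) <= 2:
            return f"misspelling:{good}"    # one or two characters off a trusted name
    return "unknown"

if __name__ == "__main__":
    # Constructed sample URLs.
    for sample in ("https://www.examplebank.com/login",
                   "https://examplebank.org/login",
                   "http://examp1ebank.com/",
                   "https://jobs.unrelated.test/apply"):
        print(f"{check_url(sample):30} {sample}")
```

A result of "unknown" only means the domain is not close to anything on the allowlist; it says nothing about whether the site is safe.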

Often, social engineers prey on those who are looking for something online, such as a job or love. If a job posting appears too good to be true, it may be a trick to scam you. Go to the company’s actual website to ensure that the listing is legitimate, and go through verification steps to confirm that the person who posted the listing is legitimate.

Flash Drives & DVDs

You must have heard the advice from your parents or grandparents: never pet a dog you don’t know. The same advice applies to storage media you may find in public. If you pick up a tempting USB flash drive labeled “payroll” or “quarter 2 earnings”, you could be inviting a Trojan horse into your system.

To harvest passwords and get access to corporate networks, attackers use a common approach called baiting. A mysterious flash drive or DVD may be piggybacking malware on whatever document it holds. Throw it out if you have any doubt.

Online Dating

Many people are aware of this kind of scam by now, but many still fall for it. You may hear countless stories of people losing thousands of dollars in the scam. Social engineers know that many people are emotionally vulnerable and alone, so they connect with them and con them. They get to know everything they want to hear from them by conning them. Often they set up a plan to fly to see them and then ask for money. In these scenarios, emotions outweigh any logical reasoning.

Take a step back if you’re pursuing a relationship and the other person asks for money. Question the situation and ask yourself why money is needed from you if someone else is coming to see you. Consider meeting in public at a halfway point. Don’t open your wallet if you’re unsure at all.

In Person

Be wary of individuals who ask for your sensitive information, because today social engineering isn’t limited to digital forms. The attacker may seem harmless but could use seemingly innocuous information to take control of your computer and online accounts. Don’t share information like the name of your favourite pet, your mother’s maiden name, your son’s birthday, or your best friend’s name, because such information may be the answer to a security question on a website or banking portal. Once the con artist has it, they may get into your account, change your password, and perform online transactions.

If your bank offers two-step verification, use it, because it is one of the best ways to secure your online accounts.


Many people use some of the most common passwords. People don’t realize that the most common and easy passwords are also easy for attackers to crack. Don’t use a continuous string of numbers or letters, your birth date, your favourite TV characters, etc. Use a hard-to-guess password that combines upper-case and lower-case letters with special characters. Store your passwords in a password manager if you cannot remember so many passwords.

The most important takeaway from this article is to be watchful if someone is trying to butter you up to get your information. Don’t share your personal information with anyone. Verify the identity of the person and of the company on whose behalf you are receiving the call. Don’t entertain unknown calls and emails.

In addition to these measures, a strong antivirus like Bitdefender should be used. If you face any issue with Bitdefender, contact Bitdefender Tech Support.