Cybersecurity and Social Engineering
London Business Hub is providing cybersecurity advice and information to help businesses and the self-employed work safely. Here, we provide advice and tips on social engineering.
Social engineering
Social engineering involves tricking or manipulating people into carrying out specific actions that are useful to an attacker, such as downloading malware or sharing sensitive information. The Police Digital Security Centre (PDSC) has published a glossary covering the main types of social engineering.
Whaling attacks
Whaling is a form of social engineering and attacks involve targeting high-profile and senior employees, such as board directors and chief executives. Attacks are designed to encourage a victim to perform an action, such as transferring funds to the attacker, clicking on links and downloading malware, or providing sensitive information.
The Police Digital Security Centre (PDSC) has published a guide with advice on how to spot whaling and prevent attacks. Prevention methods covered in the guide include:
- Carefully checking the sender’s email address.
- Do not respond to suspicious emails.
- Adding a filter system to block incoming phishing emails.
- Introducing anti-spoofing measures.
Related Resources
-
Cybersecurity Hub
-
Resources to help you spot and prevent cyberattacks.
-
Cybersecurity and Preventing Phishing Attacks
-
Advice and tips on spotting and preventing phishing attacks.
-
Cybersecurity and Protecting Your Data
-
Steps to help your business comply with data protection rules.