Cybersecurity and Social Engineering

London Business Hub is providing cybersecurity advice and information to help businesses and the self-employed work safely. Here, we provide advice and tips on social engineering.

Social engineering 

Social engineering involves tricking or manipulating people into carrying out specific actions that are useful to an attacker, such as downloading malware or sharing sensitive information. The Police Digital Security Centre (PDSC) has published a glossary covering the main types of social engineering. 

Whaling attacks

Whaling is a form of social engineering and attacks involve targeting high-profile and senior employees, such as board directors and chief executives. Attacks are designed to encourage a victim to perform an action, such as transferring funds to the attacker, clicking on links and downloading malware, or providing sensitive information.

The Police Digital Security Centre (PDSC) has published a guide with advice on how to spot whaling and prevent attacks. Prevention methods covered in the guide include:

• Carefully checking the sender’s email address.
• Do not respond to suspicious emails.
• Adding a filter system to block incoming phishing emails.
• Introducing anti-spoofing measures.