Launching social engineering attacks, typically using phishing tactics, will remain a success for cybercriminals - and companies struggle to teach their employees how to detect and avoid these attacks. Phishing emails often trick employees to turn over usernames and passwords, or install some type of file with malware.
"Phishing relies on human mistakes, not technology, so the number one way to combat this particularly effective form of social engineering is to raise awareness enterprise-wide," said Joe Caruso, CEO and CTO of Global Digital Forensics. "Time is your enemy after a cyber breach or incident, so every second counts. The faster the problem is identified and eradicated, the less costly it will be in the long run for the entire organization."
As more people embrace mobile devices, such as smartphones and tablets, cybercriminals are adjusting their attack strategies. More employees are using their personal devices for work, and criminals have the opportunity to steal personal and corporate information.