Social engineering: a threat to BPO? – Indigo 21

BLOG

Social engineering: a threat to BPO?

Social engineering: a threat to BPO?

Close-up of hand typing on back-lit computer keyboard-social-engineering

September 25, 2023

Cybersecurity is a real issue for any responsible business that looks after its customers and their data. Building the right levels of trust is key to attracting and retaining a loyal customer base that trusts your business, and without that trust, growing a business is impossible.

Threats from cybersecurity breaches are more common than you’d think and can affect any business that operates in today’s digital world. Forbes published a story detailing a report by Check Point, that revealed 1 in 31 global organisations experienced a ransomware attack each week in the first quarter of 2023.

Social engineering is one method that hackers can use to defraud your customers and ruin your reputation. These attacks can involve ransomware, malware, identity theft, and more.

What is social engineering?

Social engineering is a form of psychological manipulation used by fraudsters to steal data by presenting themselves as someone genuine. There are several different social engineering techniques, with the most well-known tactic called ‘phishing’. It’s estimated that 3.4 billion phishing emails are sent every day.

Phishing occurs when a fraudster poses as a business or individual that needs certain information, usually passwords or other private personal information (PPI) from a customer. This PPI is then used by fraudsters to steal money, access bank accounts, or commit identity theft. Other social engineering threats include:

  • Tailgating: following a customer through the login process by tailing their digital trail — just like someone following your car through a barrier. Once inside the restricted area, fraudsters might install malware, steal sensitive data, or damage digital property with an advanced hack.
  • Pretexting: impersonating someone known to the customer to request PPI and commit identity theft. Fraudsters can create a situation, or pretext, that imitates businesses or individuals to scam customers out of information.
  • Baiting: promising a customer goods or products in exchange for PPI. This is an easy tactic to fall for in the age of exchanging an email address for downloadable content, or in mobile apps that might falsely promise further content through paid-for access.
  • Quid pro quo: like baiting, but instead promising services in exchange for PPI. This type of threat can feel like the scammer is doing a customer a favour.

What is the threat to BPO?

When part of your business is outsourced and based offshore, you may be using multiple data servers. On top of that, your staff are handling sensitive customer information that may be crossing international data protection systems, such as GDPR. Contact centres can handle customer service, HR functions, and even banking and financial services, so the amount of sensitive data and PPI is high, leaving the industry vulnerable to cyber attacks.

How to prevent social engineering attacks

Social engineering is a real risk in the online space, but there are many steps you can take to reduce the threat of social engineering attacks on your business. With a well-trained team, your staff can identify threats and be wise to the techniques that scammers use. On the IT front, there are several ways to keep your business safe.

  1. Keep software and hardware systems up to date
  2. Create a cybersecurity policy and make sure it’s followed
  3. Use firewalls to protect connections
  4. Have a strong password policy for everyone in the business

Preventing social engineering attacks is better than needing to recover from them. Businesses can lose a lot of money and customer trust after a cybersecurity attack, and that reputational damage can be hard to repair. We offer many different cybersecurity services, including:

  • DDoS protection and API security protection
  • Free safety scan of your customer-facing assets
  • DMARC service to protect your email system

For more information, get in touch today to learn how to reduce your cybersecurity risk.

Sources

https://www.forbes.com/sites/chuckbrooks/2023/05/05/cybersecurity-trends–statistics-more-sophisticated-and-persistent-threats-so-far-in-2023/?sh=4dc48b0c7cb6

https://aag-it.com/the-latest-phishing-statistics/#:~:text=Yes%2C%20phishing%20is%20the%20most,emails%20are%20sent%20every%20day.

Other blog posts…

Indigo 21: 2044

Indigo 21: 2044

Not the title of a futuristic sci-fi movie – although that sounds like a great idea – but a glimpse into the technologies shaping our IT business in...

read more
What is DEX?

What is DEX?

Digital employee experience, or DEX, refers to the way your people interact with the digital technology and tools they use daily to carry out their tasks.

read more