Contact us today!
(518) 203-2110

Evolve IT

Evolve IT has been serving the Saratoga Springs area since 1995, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

This Halloween, Hackers are Pretending to Be You

This Halloween, Hackers are Pretending to Be You

Halloween is a great time for people of all ages to let loose and embrace their spookier, darker side--even though they aren’t. For hackers, however, every day is like Halloween, but with ill intentions. Hackers will pretend to be someone they’re not in order to scam you out of sensitive data or personal information. By identifying their tricks, you can keep hackers from getting their treats.

The aforementioned tricks are typically characterized as social engineering tactics, where a hacker will trick users into thinking that they’re a trusted organization, or even someone within their own business. Unlike those who participate in Halloween dressed in silly costumes, it’s not so easy to distinguish a social engineering attack from normal everyday occurrences. This is what makes the trick so convincing. Therefore, it’s imperative that you know what to look for, and how to address it properly. Also, in the same way you check your kid’s trick-or-treat candy for anything that might be harmful, you need to view unsolicited digital communications with a degree of healthy skepticism.

The unfortunate fact is that social engineering attacks (including phishing scams) work, which is why they’re commonly used by hackers. Even the most vigilant user can fall victim to a social engineering scam, which prompts people to wonder what makes a social engineering attack so effective. Researchers from the University of Erlangen-Nuremberg in Germany decided to pursue this thought and performed research into what makes people want to click on suspicious links.

Zinaida Benenson presented the university’s findings at the most recent Black Hat convention in Las Vegas. It was discovered that the success of social engineering attacks was largely due to the hacker understanding the circumstances of the scam and personalizing the link to appeal to the victim at that specific time: “By a careful design and timing of the message, it should be possible to make virtually any person to click on a link, as any person will be curious about something, or interested in some topic, or find themselves in a life situation that fits the message content and context."

In other words, proactive training and education aren’t enough. Even the best employee could click on a link that aligns with their personal interests. ZDNet uses the example of an employee who has recently attended an event and is then sent a link to an online photo album containing memories of the event. The user will want to click on the link to see what the photos are, regardless of who it’s from. Once he has done so, the hacker succeeds; he has appealed to the natural curiosity of the user, and thanks to the timing of the message, the user is almost guaranteed to click it.

Another common example is an employee who is experiencing persistent technical trouble with their workstation. They might receive an email from “tech support” claiming that the problem can be resolved by downloading remote access software. The frustrated employee will click on the link because it fits their current needs and situation and because users typically trust tech support.

Just like how it takes energy to build an impressive Halloween persona, these hackers require immense time and preparation in order to successfully pull off a social engineering scam. These types of personalized attacks make social engineering scams challenging to protect yourself against. Yet, not all hope is lost. Educating your employees on security best practices and implementing spam blocking solutions designed to eliminate spammy emails may be the best way to avoid a fright.

Have a safe and happy Halloween, from all of us at Evolve IT.

Comments

 
No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, 06 July 2026
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Blog Archive

Free Consultation

Sign up today for a
FREE Network Consultation

How secure is your IT infrastructure?
Let us evaluate it for free!

Sign up!

Free Consultation
 

Tag Cloud

Tip of the Week Security Best Practices Technology Internet Cloud Hackers Email Privacy Productivity Business Malware Software Business Computing User Tips Computer Hosted Solutions Microsoft Upgrade Efficiency Workplace Tips Google Smartphone Windows 10 IT Support Mobile Devices Innovation Ransomware Gmail Hardware Network Security WiFi Bandwidth Facebook Microsoft Office Office Operating System Backup Apps Business Continuity Disaster Recovery Communication The Internet of Things Social Media Hacking Networking Data storage History Two-factor Authentication Windows Data Small Business Experience Phishing App Mobile Computing Big Data communications Safety Unified Threat Management Mobile Device Management Money Network Quick Tips Smartphones Managed Service Provider Outlook Firewall Wireless Technology Content Filtering Android Cybercrime Apple Website Best Practice Alert Employer-Employee Relationship Customer Service Music Monitors Cryptocurrency Laptop IBM Router Google Docs Education Office 365 Displays Cleaning Holiday YouTube Processors Analytics Black Market Saving Money Office Tips intranet LiFi Staffing Lithium-ion battery End of Support BYOD Downtime Streaming Media Help Desk Passwords Micrsooft Social Networking Visible Light Communication Disaster Public Speaking Writing Data Management IP Address Virtualization Business Growth Robot Advertising Recovery Government Society Sports Spam Augmented Reality Keyboard Google Wallet Information Technology Running Cable Search User Hard Drives Retail Windows 8 Internet of Things Windows XP IT Services Remote Computing Shortcut Hosted Solution Artificial Intelligence Documents DDoS Heating/Cooling Managed IT services Word Tech Support Compliance Drones Social Bluetooth Business Management Printer Browser Virtual Desktop Wireless Competition Automation Unified Communications Securty Encryption Presentation Memory Entrepreneur Document Management Law Enforcement SaaS VoIP Domains Deep Learning Cortana Hacker BDR Proactive IT Network Congestion Application Vendor Management Save Money
QR-Code