Contact Support

If you are an existing client to get support call us on:

+44 (0)1483 412 042

OR

Login to the portal

Support portal

If you've been given a 6-digit support code

click here

Not an existing customer?

Contact us

Video: Cyber Chat – Episode 17 – What is social engineering?

In this episode of Cyber Chat, Rob May explains social engineering, why organisations should be aware of it and how they should be training their staff to help protect against an information breach.

Managing the ongoing cybersecurity of your IT infrastructure should be a primary concern – whatever the shape or size of your organisation. Cybersecurity breaches are the number one threat in today’s business landscape. Incidents come in many forms: cyber attacks; laptops left on trains; malicious staff; or, even more simply, accidental data loss caused by human error. The human firewall is vital as a line of defence for any organisation and in this video Rob, author of The Human Firewall (available on Amazon) explains what the Human Firewall is.

Find out more about ramsac’s cybersecurity services

 

 

Cyber Chat – Episode 17 – video transcript

Hi, I’m Rob May, I’m MD of ramsac and welcome to Cyber Chat. Today I want to talk to you about social engineering, Social Engineering is the working of people in order to get information that they can use against them.  And, social engineering is a huge part of the cyber problem that we all face.

One particular example that I witnessed and I think it’s a good story to tell you in terms of being able to relate to this. A client of ours, the lady on reception received a phone call one day, her name’s Sylvia.  Sylvia received a phone call and the person on the end of the phone said We’re doing a quiz this morning and if you can answer 3 simple questions. You’ll win a Magnum of Champagne.” So Sylvia said she was happy to do that and question number one was, Who is the Queen of England?  and Sylvia knew who the Queen of England was. Great. Speak speak. Yeah. So question number one was who is the Queen of England, now Sylvia knew who the Queen of England was. Question number 2 was “who’s the Prime Minister of England?” and she also knew who the Prime Minister was. Question number 3 was what accountancy software do you use?  Now Sylvia didn’t know that, so,  Sylvia called their IT guy, Mike. Sylvia and Mike are  good friends and in fact they were going out for lunch that day and Sylvia just said, Mike, quick question, what accountancy software do we use? and Mike said, We use Sage line 50. See you at lunchtime.

So, Sylvia goes back to the guy on the phone and said We use Sage line 50. They say “That’s brilliant 3 questions right, I can send you a Magnum of Champagne.  Let me take your details”. Now it won’t surprise you to hear that Sylvia never received a Magnum of champagne. But several days later, a phone call came in asking to speak to IT so the call got put through to Mike. Mike answered the phone. And the guy on the end of the phone said,  Hi, this is Sage Technical Support and we can see in our system that you use our line 50 product”.  and Mike said. “Yeah, yeah, I do”. and he said , Well, we’re proactively calling all of our users today because we found a horrendous security flaw in the software and we just want to warn you about it, but don’t worry. We’ve written a fix. I’m about to email it over to you. You just need to run the fix and everything will be fine and it’s a neat piece of software. You don’t even need to get all the users out of the system”. So shortly after the phone call Mike received an email that looked like it was from Sage with an attachment, which he ran and when he ran it, almost instantly his whole network started to fall down around his ears and it was a ransomware attack and they wanted €30,000 paid in Bitcoin in order to get their data back.  And the thing is so it was a brilliant case of social engineering and I think the thing is that in most cases Mike, who I know well wouldn’t have fallen for that. But on that particular day, He did, and part of our protection when it comes to cyber is that we need to be more sceptical. We perhaps need to trust less we’ve grown up in what is inherently a trusting culture. We need to just trust a little bit less.  If i was Mike, I would have been pushing back I would have been checking that it was really Sage. I would have been calling them back, I would have been investigating online to see if anybody else was having any problems with the patch and so on, and so forth. And, I think normally Mike would have done too.

But on this day, he was tricked and he felt for it. And it was very disruptive. Be aware of social engineering, be aware of people and what they are asking for. Just think why are they asking, and are they who you really think they are? Stay safe, I hope that was useful I look forward to speaking to you again, thank you.

 

Registration No. 26980136
Terms and Conditions | Privacy Notice
Richard Renson
Richard Renson
16:54 10 Dec 18
Great, helpful IT Kings and Queens
Andrew Worth
Andrew Worth
12:37 30 Aug 18
fine bunch
Colin Warner
Colin Warner
08:46 06 Dec 17
Excellent managed service provider.
Selom B
Selom B
11:58 10 Dec 16
First Class!! Responsive, knowledgeable, professional and very easy to work with - Ramsac have been a fantastic strategic IT partner for the last few years and I'm sure will continue to be for many years going forward. I would highly recommend them!
Ian Windle - Inspiring Leadership
Ian Windle - Inspiring Leadership
08:53 04 Jul 16
Great IT business, with a powerful management team. Could not recommend them more highly.
Patrick O'Luanaigh
Patrick O'Luanaigh
10:55 01 Jul 16
A truly fantastic IT support company - I can't speak highly enough about them.
Sarah Whitemore
Sarah Whitemore
11:59 20 Jun 16
I have known Dan May and Ramsac for 5 or 6 years now. Dan is such a great guy and really helpful with strategic advice and input on all things IT. He's so approachable and doesn't baffle you with IT jargon. If you are looking to outsource your IT or you have a problem you need help with Dan is definitely the one to ask.
Jonathan Richards
Jonathan Richards
12:14 31 May 16
I've worked with Ramsac for many years and whole heartedly recommend their services. They are always professional, approachable and have the rare skill of making IT understandable. Their can do attitude leaves you feeling that you are in safe hands.
See All Reviews
© 2019 ramsac. All rights reserved.