Get Gephardt: How cybercriminals use social engineering to get us to hand over our sensitive info

Oct 3, 2022, 10:10 PM | Updated: Nov 18, 2022, 11:31 pm

SALT LAKE CITY — You can have the strongest, most secure password in the history of cybersecurity, but the bad guys know there is one weakness they can use to hack into your system — you!

Just recently, Uber got added to the ever-growing list of companies defeated by social engineering when a hacker tricked a contractor into granting them access to his Uber account. From there, they got into the rideshare giant’s internal data systems.

Oh, and the alleged hacker? Just 18 years old.

“I’m actually not too surprised,” said cybersecurity expert Zulfikar Ramzan, Aura Labs’ chief scientist and CEO. “There was nothing sophisticated. It was all fairly straightforward.”

Ramzan said that while Uber’s hacking may sound like something out of a heist film like Ocean’s Eleven, it isn’t.

“This is more like a 7-Eleven smash and grab,” he said. “The reality is in this day and age; those attacks tend to be quite effective. You don’t need to be very fancy.”

Ramzan said social engineering is classic con man stuff — faking legitimacy. The bad guy might pose as a government agency, your bank, a work colleague, someone in your IT department, a friend or others. And they will use emails, texts, social media, whatever they can to reach you.

“It’s just about being able to trick you into doing something that compromises your own security,” he said. “It only takes one person to let you in the front door, and from that point onward, you may have access to most rooms in the house.”

Often, the trick is to get you to follow a link, or they will get you to send them a code to defeat two-factor authentication or to get you to use your real login credentials on a fake website.

And it works well.

According to the FBI’s latest Internet Crimes Report, cybercrooks stole $6.9 billion last year, much of that is through social engineering.

New data from virtual private network company, NordVPN found that 84% of Americans have run into some kind of social engineering. Of those, 36% actually admitted to getting duped. Ramzan said it could happen to anyone at any level of tech savviness.

“We have these amazing street smarts and tell us when we go to the physical world – what a good neighborhood is or a bad neighborhood as we can tell something’s wrong because we’ve owned our physical street smarts in really deep ways,” he said. “Unfortunately, we haven’t grown our digital street smart, and so we don’t have that same level of intuition — those “spidey senses” that tell us that we’re potentially in danger.”

Ramzan said the explosion of remote work throughout the pandemic has dramatically accelerated social engineering attacks.

“Your IT department is incentivized to set up a world where anybody can access critical services from anywhere. Unfortunately, that also means hackers can access that same information potentially from anywhere,” he said.

So, how to keep the bad guys from getting their foot into our front door? Ramzan said anyone asking for login credentials is a huge, stinking red flag. Next, use multi-factor authentication everywhere you can. Then, watch what you post about yourself online.

“Even though you might think you’ve got a small role to play in whatever is out there, you might be one or two connections away from someone who could have a massive impact,” Ramzan said. “If somebody can get to you, they may be able to use you as the next step in a chain of events to get into something much more nefarious.”

KSL 5 TV Live

Top Stories

Get Gephardt

Matt Gephardt

Get Gephardt: Cybersecurity experts caution shoppers to take it slow while shopping online

For many of us, Christmastime is magical. For scammers, it’s especially magical. Here's what to beware of when shopping online.
4 days ago
Matt Gephardt

Get Gephardt: Received a package delivery text? Scammers are luring Utahns with fake tracking alerts

Utahns are getting targeted by scammers sending out fake delivery notices.
11 days ago
(KSL TV)...
Matt Gephardt and Sloan Schrage, KSL TV

Get Gephardt helps Holladay woman who says contractor left her with an unusable bathroom

If a contractor did bad work, you wouldn't be satisfied with the job. A Holladay woman said a restoration company left her with an unusable bathroom, but when they told her she was satisfied, she decided it was time to Get Gephardt.
11 days ago
phone with digital coupons...
Matt Gephardt

Get Gephardt: Do digital discounts discriminate against elderly shoppers?

You have likely seen ads promising savings with digital-only coupons, but a consumer watchdog says that the digital-only part unfairly leaves many people out of the opportunity.
17 days ago
(KSL TV)...
Matt Gephardt and Cindy St. Clair, KSL TV

Get Gephardt: Utah landscaper loses license for taking money then ‘abandoning’ jobs

"We know that there's a lot more people out there," one woman paid for a landscaping crew that never showed up.
17 days ago
There are calls for more auto parts to be manufactured domestically as the global parts shortage ne...
Matt Gephardt

Get Gephardt: Need your car repaired? Be prepared to wait

How long could you wait while your car gets fixed? Days? Weeks? How about months? That's how long drivers are having to wait for parts — even for simple repairs.
20 days ago

Sponsored Articles

house with for rent sign posted...
Chase Harrington, president and COO of Entrata

Top 5 reasons you may want to consider apartment life over owning a home

There are many benefits of renting that can be overshadowed by the allure of buying a home. Here are five reasons why renting might be right for you.
Festive kitchen in Christmas decorations. Christmas dining room....
Lighting Design

6 Holiday Decor Trends to Try in 2022

We've rounded out the top 6 holiday decor trends for 2022 so you can be ahead of the game before you start shopping. 
Happy diverse college or university students are having fun on their graduation day...
BYU MBA at the Marriott School of Business

How to choose what MBA program is right for you: Take this quiz before you apply!

Wondering what MBA program is right for you? Take this quiz before you apply to see if it will help you meet your goals.
Diverse Group of Energetic Professionals Team Meeting in Modern Office: Brainstorming IT Programmer...
Les Olson

Don’t let a ransomware attack get you down | Protect your workplace today with cyber insurance

Business owners and operators should be on guard to protect their workplace. Cyber insurance can protect you from online attacks.
Hand turning a thermostat knob to increase savings by decreasing energy consumption. Composite imag...
Lighting Design

5 Lighting Tips to Save Energy and Money in Your Home

Advances in lighting technology make it easier to use smart features to cut costs. Read for tips to save energy by using different lighting strategies in your home.
Portrait of smiling practitioner with multi-ethnic senior people...
Summit Vista

How retirement communities help with healthy aging

There are many benefits that retirement communities contribute to healthy aging. Learn more about how it can enhance your life, or the life of your loved ones.
Get Gephardt: How cybercriminals use social engineering to get us to hand over our sensitive info