Locus Robotics

Webinar: Life After Deployment - Continuous Warehouse Optimization!

Webinar: Life After Deployment - Continuous Warehouse Optimization! Register Now!

August 05, 2024

Understanding Social Engineering Threats

Author Icon Fouad Khalil, Senior Director, Enterprise Security, Risk and Compliance

Hacker with social media

In a perfect world — mature processes, effective controls, security aware workforce — why do you need security professionals? Well, let us state the obvious: security threats are forever brewing globally, always changing, and continuously evolving and we need all the help we can get.

August 6 is National Social Engineering Day — a day dedicated to bringing awareness to a common threat — “Social Engineering.”

By definition, social engineering is the tactic of manipulating, influencing, or deceiving a victim in order to gain control over a computer system, or to steal personal and financial information. Attackers leverage a wide range of tactics, take advantage of our courteousness, and fake urgent scenarios to simply obtain unauthorized access to a system or facilities. It is a form of persuasion to make a belief in untrue situations.

Types of social engineering attacks are many ranging from phishing, tailgating, smishing, quid pro quo, vishing, and spoofing, to name a few. It is fair to say that EVERYONE is a potential target and we must remain diligent to protect what is important.

Social engineering attacks are real and, in some cases, globally impacting. Some examples are the $100M Google and Facebook phishing scam, the White House hack (more mischief than malice), persuasive email phishing attack imitating US Department of Labor, Microsoft 365 phishing scams that steal user credentials, and much more.

At Locus Robotics, we pride ourselves in our commitment to security, compliance, risk mitigation, and employee security awareness initiatives. Employees are the front line of defense and we must empower them with tools and knowledge to be better prepared for the unexpected. That is accomplished in many ways — primarily through continuous training, simulated social engineering attacks, visibility of attack trends, and knowing what vulnerabilities exist and how to mitigate them.

The more we know, the more effective we are. We all have to do our part in the global fight against malicious users whose primary goal is to steal, gain unauthorized access, and create havoc.

Join Locus Robotics, and the many across the globe, to increase awareness of security threats during this National Social Engineering day.To find out more about our stance on cybersecurity, please visit our Trust Center.

About the Author

As Senior Director, Compliance at Locus Robotics, Fouad is responsible for internal and external compliance programs, auditor education, alignment with industry best practices and cross-functional support. He brings extensive experience in the technology space with more than 25 years spanning disciplines in software development, IT support, program and project management and most recently IT Security and Compliance management. Khalil’s career path in technology has provided him with keen insights in the areas of network, system and database administration, software programming, system, software and GUI design, project and product development, solution implementation and much more. For nearly the past two decades, Khalil has focused on data security, security investigations, cybersecurity, security training and awareness, and security compliance– serving as an industry expert in key areas such as IT, NIST, Internal Controls over financial reporting, Sarbanes-Oxley, GDPR, CCPA, PCI DSS, HIPAA and HITECH. Khalil holds a Bachelor’s degree in Electrical and Computer Engineering from Marquette University and CISA, CDPSE and ITIL Foundations certifications. Additionally, he is an active member/contributor in ISACA, IIA and Infragard.

Avatar photo