Social Engineering for stealing Passwords

Social Engineering is one of the methods used to steal passwords. Cybercriminals use social engineering as one of the easy ways other than technical attacks to steal passwords. Social Engineering is psychological and grooming, and tricking people or employee to divulge credentials.

never use easy passwords

Easy Password concept. My password 123456 written on a paper with a marker.

A typical example is how an attacker calls your helpdesk saying he is user working for the company in XY department and needs his password reset.
Under well organised, professional IT structure users who have lost or forgotten their passwords to come in person and present an ID Card to reset their passwords but smaller, less professional setups might permit users they know well to reset over the phone based upon recognizing their voices or answering some very basic cognitive questions. This type of policy is a receipt for disaster.

Other types of social engineering include just trying to gain information about the target user or network the attacker wants to get into. The bad guy could ask a human resources staffer during an interview where the attacker pretends to be interested in a job about technical details of the network, users, services and so on to gain more intelligence about the company.  
The last and most common example of social engineering is tricking someone into holding an access door open for the bad guy to enter a facility without identification.

How To Mitigate Social Engineering?

User training

Social engineering can be mitigated by providing cybersecurity awareness training to all your staff. Training can help prevent not only social engineering but also not accessing wrong websites, downloading unauthorized software, which can cause serious damages leading to a denial of service (DoD). Training can help prevent this threat and many other threats to a network. Also, responsible network administrators train their users never to divulge their passwords to anybody for any reason.

Strict password Policy

password policy is a set of rules designed to enhance computer security by encouraging users to employ strong passwords and use them properly. A password policy has to be part of an organisations’ official regulations and may be taught as part of security awareness training.

Useful link for easy password

I’d like you to watch the below youtube video to understand how easy it is to crack easy passwords:

If you found this short article please share with your friend and if like some advice on how to secure your data get in touch at

Human Security and our daily lives

Why Human Security In our daily lives?

Human Security

The purpose of this blog is to show my appreciation to the people who saved my life on Saturday, 11 July 2015, at about 8:30, when my car caught fire for no apparent reason. I’d like to extend my gratitude to the West London fire services and the police for reaching out to me.

I’d also like to extend my sincere thanks to locals especially the family at 6 Beaufort Road, London W5, who offered me hot tea and lovely biscuit. If I was not told to move away from my burning vehicle I could have easily blown away.

The car insecurity

Our human security is threatened by events well beyond our controls or the things we wouldn’t imagine happening to us e.g. road accidents, financial crises, unexpected death, flooding, getting caught in a nasty crossfire, and etc…

The accident that happened to day is something I’ve never imagined happening to me at all. I was driving to drop my son, Qananisa 16, to his tennis-training club in Ealing common, West London

The Care beyond repair

In order to safeguard the vital core of our lives there are many simple things, but important things, we need to take care off. When driving off to our chosen destination we need to first of all give enough time for the unpredictable traffic hold ups whether it is in London or any other busy city in the world.

Checking the basic safeties of our vehicle, water, tyre, mirror and etc. could prevent unnecessary waste of time and most importantly the stress that could be a source of many illnesses.

We need Human Security in all the things we do

I look at these things as an IT Security professional where I believe that securing our sleeves is cannot be 100%, but we increase the measures that enhance the factor of being secured.

One thing we need to do on daily basis is appreciating all the things we have, houses, cars, jobs,  especial skills we have and the fact we can communicate.

Free Security Assesment

We offer a free comprehensive Security assessment in 16 areas of vulnerability so, that the problem is approached head on to save our clients time and money.

SecuredTech Ltd takes your privacy seriously. We won’t share your details with third parties. If you choose not to receive our latest Cyber security news you can unsubscribe at any point.