how to be secure from social engineering attack

Set a strong password. don't use a weak password and will better if you change your password in every three
month.

Check. website protocol, every website domain and every link which is sent from another person.

Use VPN. when hacker gave you fake link to get your privacy IP address and you just click it, they have more
chances to hack your device but in the case, when you use VPN, then hacker catch a wrong IP address and you still
safely.

Use Phishing Detector. this is extension to detect any Phishing website you visit and give you notification to don't
use this website and also don't write your privacy information.

Don't answer stranger number. its could be social engineering attack by number (Baiting) hackers .

Active 2-step verification Log-in. If you are logged in Phishers fake page, and you don't know anything about this
2step verification just secure you and then phisher can't log in on your account.

Set your spam filters to high. evey email or browse have spam filter, check your settings and set spam filter to high,
then your are secured from spam messages and posts.

Always expect risk. Double check every information you got before you found a correct information. Read
Cybersecurity news.

TIPS to Remember
Think before click something. in social network are lots of links, advertisement, Fake news and etc. because of this, you
would to know how to recognize fake link which may harm you, be sure to take a moment to check if the source is
credible first.

Research the sources. invariably use caution of any uninvited messages. Check the domain links to visualize if they're
real, and also the person causation you the e-mail if they're actual members of the organization. Utilize a pursuit engine,
move to the company’s website, check their phone directory. Hovering your pointer on a link before you truly click
thereon can reveal the link at rock bottom, and is in our own way to form positive you're being redirected to the right
company’s website.

Don't download anything you don't know. If you don't know who is the sender, don'n except anything from sender,
don't know what is inside the file, and they just write its "Urgent" don't download maybe it's scam.

Fake offers and prizes. It's so old method, but still happen in 2020, if you receive messages from Google that you win
lots of money or Cristiano Ronaldo send that he have giveaway with "big chances to win money". This is absolutely false.

Most common Source of Social Engineering attack

When hacker make some Phishing page, then they want to give this fake information to "Target" and they use some
for contact to "Target".

You can see that on Pie Chart, most usage is Phishing E-mail, in lots of case hacker sent Phishing Page by E-mail, because
E-mail have Most user like 68% of People and Email is most unsecured from another Platform. In social Network are lots
of advertisement and posts by people but some from this people are hacker, they share their: Phishing Pages, Fake
giveaways and etc. asset can catch some information. And also notice by Vishing(Phone call) but its unpopular because
by vishing can recognize(Who is Hacker by voice, Hacker Location and etc.) for Hacker its so unsafe, And 2% use another
method.

Social Engineering(Phishing, Baiting, Tailgating, Quod Pro Quo and etc.), from this Pie Chart you can see that most Social
Engineering type by people using is Phishing, in this case Hacker copy Design and structure from original, this may be:
Bank Page, Social Network Page, Vacancy and etc. From phishig Hacker can catch privacy information like: LogIn,
Passwords, Credit Card, Location, Privacy Data.

According to information collected by Webroot, phishing attacks became progressively subtle and thoroughly
crafted so as to get sensitive info from specific organizations and folks.

“Our information shows that a phishing web site will last for as very little as quarter-hour,” aforesaid Hal Lonas, CTO for
Webroot. “In years past, these sites might endure for many weeks or months, giving organizations lots of time to dam
the tactic of attack and forestall a lot of victims from falling prey. Now, phishing sites seem and disappear within the span
of a collation, going away each organization, notwithstanding its size, at an on the spot and heavy risk from phishing
attacks.”

During 2016, a median of over four hundred,000 phishing sites are discovered every month, with 13,000+ new phishing
sites per day.