Social engineering: the weakest element in security

One of the common forms of this cybercrime is phishing, or an attempt to obtain information from one of the employees that would help with the hacking a company’s network. Thus, attackers may well gain access to personal accounts of employees, where important company data is located. Sometimes these attacks can be very effective, as employees often take messages with malicious files as a regular newsletter.

Most of the leaks, about 90%, affect personal and billing data. Most of the intentional leaks occur in the financial sector, industry, government and municipal institutions.

First of all, the attackers want to gain access to a trade secret – payroll, employment contracts and any other documents of limited access, and then sell them.