An official website of the United States government
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

 

Online Dangers: Social Engineering

31 March 2017

From Staff Sgt. Mark A. Phillipp, Naval OPSEC Support Team

Social engineering is a process where people use their social skills to manipulate targets to collect critical information or gain access to an area they wouldn't normally have access to, all without the victim's consent or knowledge.
Download Icon Download
Social engineering is a process where people use their social skills to manipulate targets to collect critical information or gain access to an area they wouldn't normally have access to, all without the victim's consent or knowledge. It has been practiced widely, with great success, since the earliest days of mankind.

Social engineering does not only apply to people who you talk to in person. It is becoming more common for people to be victimized online or over the phone. Often, the social engineer will pretend to be somebody you know - a friend, family member, or coworker - because people are more willing to share information with people they know.

Protecting yourself against social engineering is easier than you may think. If somebody has an unusual interest in you, or more specifically, details about your military experience, then chances are it is some sort of scam. Social engineers are extremely skilled and thoroughly trained in how to extract information from their victims. Do not allow yourself to be put in a position where you are susceptible to collection from foreign intelligence services. The following tips are useful tools you can use to avoid being targeted:

- Use caution when providing sensitive information over the phone to someone you do not know. If necessary, call their office back and ask to be transferred to the person requesting the info in order to verify they are who they say they are.
- Do not open emails from untrusted sources. If you ever receive an unusual email from somebody that you know, contact that person directly to ensure they are the true sender.
- Buy antivirus software for your computer (and phone). These go a long way in protecting your devices from viruses.
- Never allow a person access into your building that does not have legitimate access. If somebody says that their badge is broken or lost, refer them to the security office.
- Do not provide critical information to people who do not need to know that information.

If you feel, for whatever reason, that you may have unwittingly disclosed critical information, contact your chain of command or the security office at your command as soon as you possibly can.

To learn more about Operations Security visit Navy.mil/OPSEC.
  
 

Google Translation Disclaimer

Guidance-Card-Icon Dept-Exclusive-Card-Icon