Get Gephardt: How cybercriminals use social engineering to get us to hand over our sensitive info

Oct 3, 2022, 10:10 PM | Updated: Nov 18, 2022, 11:31 pm

SALT LAKE CITY — You can have the strongest, most secure password in the history of cybersecurity, but the bad guys know there is one weakness they can use to hack into your system — you!

Just recently, Uber got added to the ever-growing list of companies defeated by social engineering when a hacker tricked a contractor into granting them access to his Uber account. From there, they got into the rideshare giant’s internal data systems.

Oh, and the alleged hacker? Just 18 years old.

“I’m actually not too surprised,” said cybersecurity expert Zulfikar Ramzan, Aura Labs’ chief scientist and CEO. “There was nothing sophisticated. It was all fairly straightforward.”

Ramzan said that while Uber’s hacking may sound like something out of a heist film like Ocean’s Eleven, it isn’t.

“This is more like a 7-Eleven smash and grab,” he said. “The reality is in this day and age; those attacks tend to be quite effective. You don’t need to be very fancy.”

Ramzan said social engineering is classic con man stuff — faking legitimacy. The bad guy might pose as a government agency, your bank, a work colleague, someone in your IT department, a friend or others. And they will use emails, texts, social media, whatever they can to reach you.

“It’s just about being able to trick you into doing something that compromises your own security,” he said. “It only takes one person to let you in the front door, and from that point onward, you may have access to most rooms in the house.”

Often, the trick is to get you to follow a link, or they will get you to send them a code to defeat two-factor authentication or to get you to use your real login credentials on a fake website.

And it works well.

According to the FBI’s latest Internet Crimes Report, cybercrooks stole $6.9 billion last year, much of that is through social engineering.

New data from virtual private network company, NordVPN found that 84% of Americans have run into some kind of social engineering. Of those, 36% actually admitted to getting duped. Ramzan said it could happen to anyone at any level of tech savviness.

“We have these amazing street smarts and tell us when we go to the physical world – what a good neighborhood is or a bad neighborhood as we can tell something’s wrong because we’ve owned our physical street smarts in really deep ways,” he said. “Unfortunately, we haven’t grown our digital street smart, and so we don’t have that same level of intuition — those “spidey senses” that tell us that we’re potentially in danger.”

Ramzan said the explosion of remote work throughout the pandemic has dramatically accelerated social engineering attacks.

“Your IT department is incentivized to set up a world where anybody can access critical services from anywhere. Unfortunately, that also means hackers can access that same information potentially from anywhere,” he said.

So, how to keep the bad guys from getting their foot into our front door? Ramzan said anyone asking for login credentials is a huge, stinking red flag. Next, use multi-factor authentication everywhere you can. Then, watch what you post about yourself online.

“Even though you might think you’ve got a small role to play in whatever is out there, you might be one or two connections away from someone who could have a massive impact,” Ramzan said. “If somebody can get to you, they may be able to use you as the next step in a chain of events to get into something much more nefarious.”

KSL 5 TV Live

Get Gephardt

Matt Luers says the "No Soliciting" sign at his Sandy home is hard to miss, but solicitors continue...

Matt Gephardt & Sloan Schrage

What are the rules & your rights when ‘No Soliciting’ signs don’t keep salespeople at bay?

While many Utahns put up signs to keep solicitors from knocking on their doors, a man in Sandy says the knocks keep coming. He decided to Get Gephardt, who explores what those signs really mean.

1 year ago

Car driving...

Matt Gephardt

How you can lower your car insurance costs even as rates continue to climb

It would be a good time to double check with your insurance agent and make sure you are getting all the discounts available to you. Auto insurance rates are catching up with the costs of, well, everything that has gone up thanks to inflation.

1 year ago

(KSL TV)...

Matt Gephardt and Cindy St. Clair

Layton woman struggles to claim money owed to her from her dissolved business

Utah's Unclaimed Property Division has millions of dollars that it wants to reconnect with the rightful owner. But for a Layton woman, getting her money back has been easier said than done. So she decided it was time to Get Gephardt.

1 year ago

(KSL TV)...

Matt Gephardt and Sloan Schrage

Get Gephardt helps Utahn get refund for not-delivered TV

If you pay hundreds of dollars for a new TV, you expect to GET the TV. But when a West Jordan woman couldn't get her TV or a refund, it was time to Get Gephardt.

1 year ago

Cancelled overseas tours...

Matt Gephardt, Cindy St. Clair and Sloan Schrage

Get Gephardt: Utahns say they’re out thousands after South Jordan travel company cancels overseas tours

Imagine paying thousands of dollars for a once-in-a-lifetime trip, only to have the travel company cancel it on you – twice.

1 year ago

Tax scam...

Matt Gephardt

IRS warns of tax scams as filing deadline rapidly approaches

Procrastinators - it is crunch time! We are less than a week from the IRS filing deadline, which makes this week especially treacherous.

1 year ago

Sponsored Articles

Stack of old laptops with dark background...

PC Laptops

Old Laptop Upgrades You Need to Try Before Throwing it Away

Get the most out of your investment. Try these old laptop upgrades before throwing it out to keep it running fast and efficient.

Happy diverse college or university students are having fun on their graduation day...

BYU MBA at the Marriott School of Business

How to Choose What MBA Program is Right for You: Take this Quiz Before You Apply!

Wondering what MBA program is right for you? Take this quiz before you apply to see if it will help you meet your goals.

Close up of an offset printing machine during production...

Les Olson IT

Top 7 Reasons to Add a Production Printer to Your Business

Learn about the different digital production printers and how they can help your company save time and money.

vintage photo of lighting showroom featuring chandeliers, lamps, wall lights and mirrors...

Lighting Design

History of Lighting Design | Over 25 Years of Providing Utah With the Latest Trends and Styles

Read about the history of Lighting Design, a family-owned and operated business that paved the way for the lighting industry in Utah.

Fiber Optical cables connected to an optic ports and Network cables connected to ethernet ports...

Brian Huston, CE and Anthony Perkins, BICSI

Why Every Business Needs a Structured Cabling System

A structured cabling system benefits businesses by giving you faster processing speeds and making your network more efficient and reliable.

notebook with password notes highlighted...

PC Laptops

How to Create Strong Passwords You Can Actually Remember

Learn how you can create strong passwords that are actually easy to remember! In a short time you can create new ones in seconds.

Get Gephardt: How cybercriminals use social engineering to get us to hand over our sensitive info