Most cybercrime employs social engineering, Jerry Beasley of TraceSecurity told attendees of the CUNA/National Association of State Credit Union Supervisors Bank Secrecy Act (BSA) Conference Tuesday. Beasley explained that social engineering techniques are deliberately designed to people’s inherent vulnerabilities.

“A significant part of all data breaches involves some form of social engineering because it is taking advantage of the human condition,” he said. “Basically, it’s usually getting people to make some kind of decision based on what they’re seeing or hearing in a message.”

According to a 2016 report on data breaches from Verizon, 35% of data breaches are caused by social engineering. Hacking causes 62%, while physical breaches cause 6% and malware causes 2%.

The top social engineering technique is called “phishing” and it has seen a 95% jump in recent years, which has been attributed to state-affiliated espionage, Beasley said.

 

continue reading »