According to a 2018 Small Business Trends survey, 58% of all cybercrimes committed last year targeted small businesses, and most of these crimes came in the form of a “social engineering” attack. Social engineering is a mode of cybercrime that’s used to lure well-meaning individuals into breaking normal security procedures. These attacks appeal to their targets vanity, authority or greed to exploit and steal from their victims. Even a simple willingness to help can be used to extract sensitive data. An attacker might pose as a coworker with an urgent problem that requires otherwise off-limits network resources, for example.
These attacks can be devastatingly effective, and extremely difficult to defend against.