Skip to content

At The Identity Organisation, we're here to help!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    Blame it on the Lizard Brain

    Lizard Brain for Social Engineering

    People need to work to overcome their inherent biases in order to avoid falling for social engineering attacks, according to Heidi Mitchell at the Wall Street Journal.

    “Criminals lure smart people into their traps by taking advantage of the unconscious, automatic processes that act as shortcuts to make our decision-making more efficient,” Mitchell explains. “These cognitive biases—arising from what’s often referred to as our ‘lizard brains’—can cause us to misinterpret information and make snap judgments that may be irrational or inaccurate.”

    Professor Cleotilde “Coty” Gonzalez from Carnegie Mellon University told the Journal that criminals take advantage of human psychology to make their attacks more effective, explaining that “if something is presented as a loss, we are more willing to take a risk [to avoid it]; if it’s presented as a gain, we are OK with taking a safe option.”

    As a result, people are more likely to fall for a scam that tells them they’re going to lose money, as opposed to one that offers to give them money.

    Mitchell adds, “Or a scammer might send a message to your work email, claiming that there is a problem with an account at one of your corporate suppliers, and warning that your shipment—one that your boss is counting on—will be delayed unless you verify your account information in a link provided by them. The fake link leads to a fake website that looks like the real thing. By playing on your fear of losing access to your account, the scammer gets your credentials.”

    Scammers also take advantage of authority bias and urgency bias to compel their victims to act. Authority bias can be seen in business email compromise (BEC) attacks, in which an attacker impersonates a person of authority within an organization and sends a request to a lower-level employee. Urgency bias is often tied into these attacks, and involves making the victim believe they must act quickly to fulfill a request.

    New-school security awareness training can give your employees a healthy sense of suspicion so they can spot red flags associated with social engineering attacks.

    The Wall Street Journal has the story.


    Request A Demo: Security Awareness Training

    products-KB4SAT6-2-1

    New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn’t a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4’s security awareness training and simulated phishing platform and see how easy it can be!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/one-on-one-demo-partners?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top