💰 Social engineering can deceive anyone, as evidenced by the phishing attacks that targeted engineers at Twilio, a successful startup, last fall. More recently, well-known startup founder, investor, and NFT creator Kevin Rose was tricked into surrendering over a million dollars worth of digital assets.

While the details of the attack are not fully known, it has been confirmed that Kevin Rose was lured into providing his signature for a digital wallet on a fraudulent website. With this signature, the attackers were able to transfer their digital assets into other wallets. Unfortunately, none of the stolen assets have been recovered.

Social engineering attacks can happen to anyone, but you don't have to become a victim. It's essential to be cautious and think about the context whenever you receive a message, email, or phone call that contains a request. Taking a few moments to assess the situation can help you avoid falling prey to an attack.

Consider the following:

👉 Was the request you receive expected?

👉 Was the correspondence you received typical of that company or person?

If you have any doubts about the legitimacy of a request, it's important to verify its authenticity by reaching out to the sender through a different channel or by contacting your security team. This way, you can ensure that you are not falling prey to a social engineering attack.📣 If you suspect that you have fallen victim to a social engineering attack, don't be ashamed or hesitant to seek help. Remember that these attacks can happen to anyone. It's crucial to inform someone who can assist you in such cases.

----

Want to subscribe your team to weekly posts like this in Slack? Check out Heakka Streams. We send a current, relevant, up-to-date scam of the week in Slack. You choose who gets it. All Streams are 100% customizable by admins before they are sent to your team.

‍