PHILADELPHIA (CBS) — You lived through a computer security sea change, and you might not even know it: Last year — for the first time — more attacks on systems, networks, and data started not with malicious software, but instead through social engineering. That’s according to a new study, which pinpoints when you’re most at risk.
In one form of a social engineering attack, you unwittingly allow your computer to be compromised by the bad guy or girl who’s tricked you — and these aren’t Nigerian prince-style phishing emails we’re talking about.
“A very straightforward email that says, ‘your pizza is due to arrive at noon; to cancel, click here or call here.’ It’s a remarkably effective lure. A huge percentage of people click through on that,” says Kevin Epstein with the computer security company Proofpoint.
Epstein says spam campaigns like this are timed to land in your inbox when you’re more likely to click without thinking — between 9-10 a.m. — before the caffeine has kicked in. Tuesdays take the cake, with Mondays and Wednesdays just behind.
“The classic advice we were all given as children still applies — don’t talk to strangers,” Epstein warns. “If you see an email you weren’t expecting, add that extra degree of diligence before replying to it and certainly before clicking on anything in that email.”
Morning into lunchtime is worst for social media attacks; Epstein says more than two-billion malicious Android apps were downloaded this past year through social spam.