Small to medium-sized businesses based in Brighton are as much at risk of social engineering attacks as anywhere else. Read our guide below to find out all you need to know about social engineering, and what you can do to help your business protect itself and recover.
Social engineering is an increasingly common type of cyber security threat. The Cyber Security Breaches Survey 2024 found that phishing and impersonating organisations online – both examples of social engineering – are now the two most common types of cyber security breaches.
What is social engineering?
Instead of technical hacking, social engineering relies on deception and manipulating people into sharing information or providing access to systems. It involves presenting someone or something as something they’re not: for example, malicious links masquerading as legitimate website links in emails, or someone impersonating a senior company official to gather confidential information.
Common social engineering tactics include:
Phishing
For this method of social engineering, attackers send deceptive emails or messages, often containing malicious links or attachments. These links or attachments are designed to encourage people to reveal sensitive information, like credit card information or passwords. For example, an email might pretend to come from a supplier chasing an invoice and include a link to a fake payment portal.
Pretexting
Like phishing, pretexting is where attackers create false scenarios to gain trust. They trick people into sharing confidential information or providing access to systems and software. In a business context, this might be someone posing as IT support, a vendor partner or bank representative.
Why SMEs in Brighton should care about social engineering
Businesses of all sizes and locations are prime targets for social engineering attacks. Here are some of the reasons why small to medium businesses in Brighton might be particularly vulnerable.
- Cyberattacks disproportionately impact small to medium businesses in the UK. While 50% of UK businesses overall have identified breaches or attacks in the last 12 months, this increases to 58% for small businesses and 70% for medium businesses. This is according to the Cyber Security Breaches Survey 2024.
- Brighton is a digital hub and home to many businesses that offer hybrid or remote working. With the increasing prevalence of remote working, the vulnerability to attacks that exploit remote access also increases.
- Limited resources may mean that staying up to date with cyber security threats and how to counter them falls down the priority list.
Real-life social engineering example: Cyber attackers impersonate IT support on Microsoft Teams and Quick Assist
Since September 2024, Bitdefender – our cyber security partner – has observed several social engineering attacks of a similar pattern. Cybercriminals impersonate IT support on Microsoft Teams to gain access to users’ machines via Quick Assist. Once access is granted through Quick Assist, the attackers pretend to troubleshoot fake issues and instead deploy malware, like Qakbot and Black Basta.
This type of social engineering is particularly dangerous because it copies interactions expected by staff. It also uses tools (e.g. Microsoft Teams and Quick Assist) that are commonly used to share or access sensitive information.
Social engineering prevention tips
The common thread through all types of social engineering is that attackers use deception to trick people into performing a certain action.
This means that the most effective defences for businesses combine technical security and employee training.
Here are some top tips to help protect your business from attacks:
- Ensure all devices are monitored by services like Bitdefender MDR to raise alerts about suspicious activities
- Train staff to ensure they know how to spot, report and combat social engineering attacks. Prevention is the best protection, and services like BullPhish ID cyber security training help transform employees into defences against cyber threats
- Use multi-factor authentication (MFA) to help prevent unauthorised logins
- Control access to remote access software, as well as admin permissions on apps like Teams, Slack, Zoom and other communications platforms
- Keep all software up to date to reduce vulnerabilities
- Use spam filters to block known phishing email addresses and formats
- Encourage reporting of incidents and create an incident response plan to ensure all staff know what to do in the event of a suspected social engineering attack
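To make the monitoring tip concrete for the Teams and Quick Assist pattern described earlier, here is a small detection sketch. It is an added example, not Bitdefender's or AJT's own logic, and it assumes a simplified, hypothetical event schema, a 30-minute correlation window and constructed sample events.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=30)  # assumed correlation window
SUPPORT_WORDS = ("help desk", "helpdesk", "it support", "service desk")

# Constructed sample events in a simplified, hypothetical schema.
EVENTS = [
    {"ts": "2024-10-02T09:14:05", "user": "j.smith", "kind": "teams_message",
     "external": True, "sender": "IT Support"},
    {"ts": "2024-10-02T09:21:40", "user": "j.smith", "kind": "process_start",
     "image": r"C:\Windows\System32\quickassist.exe"},
    {"ts": "2024-10-02T10:02:11", "user": "a.jones", "kind": "teams_message",
     "external": False, "sender": "IT Support"},      # internal sender
    {"ts": "2024-10-02T10:05:30", "user": "a.jones", "kind": "process_start",
     "image": r"C:\Windows\System32\quickassist.exe"},
    {"ts": "2024-10-02T11:00:00", "user": "m.khan", "kind": "teams_message",
     "external": True, "sender": "Help Desk"},
    {"ts": "2024-10-02T13:45:00", "user": "m.khan", "kind": "process_start",
     "image": r"C:\Windows\System32\quickassist.exe"},  # outside the window
]

def looks_like_support(name):
    """True when a sender's display name imitates an IT support function."""
    return any(word in name.lower() for word in SUPPORT_WORDS)

def find_suspicious_sessions(events, window=WINDOW):
    """Return (user, message_time, launch_time) for each Quick Assist launch
    that follows an external 'support' Teams message within `window`."""
    alerts = []
    last_lure = {}  # user -> time of most recent external "support" message
    for ev in sorted(events, key=lambda e: e["ts"]):
        when = datetime.fromisoformat(ev["ts"])
        if ev["kind"] == "teams_message":
            if ev["external"] and looks_like_support(ev["sender"]):
                last_lure[ev["user"]] = when
        elif ev["kind"] == "process_start":
            if ev["image"].lower().endswith("\\quickassist.exe"):
                lure = last_lure.get(ev["user"])
                if lure is not None and when - lure <= window:
                    alerts.append((ev["user"], lure, when))
    return alerts

if __name__ == "__main__":
    for user, lure, launch in find_suspicious_sessions(EVENTS):
        print(f"ALERT {user}: external 'support' chat {lure}, Quick Assist {launch}")
```

Genuine internal support sessions do not alert because the sender is not external; a longer window catches slower lures at the cost of more noise.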
How AJT Managed IT Services can help protect your business
We appreciate that this might feel like a lot to manage for a small business. AJT Managed IT Services is a Bitdefender partner. If you work with us and have taken out Bitdefender Managed Detection & Response (MDR), we can detect and respond to these attacks on your behalf.
Bitdefender works with vendors and researchers to understand new attacks like this. It also provides 24/7 monitoring for suspicious activity on communication and remote assistance tools, like Microsoft Teams and Quick Assist.
The AJT team can also provide expert guidance and regular security assessments. Furthermore, we can recommend an appropriate level of detection from Bitdefender for your business. Finally, we offer access to top-tier security training through BullPhish ID.