Advertisement
JIS News

Story Highlights

  • The Consumer Affairs Commission (CAC) is warning consumers to guard against social engineering attacks by nefarious persons.
  •  Mr. Evelyn noted that the personal information shared online can also be added to databases that are sold to persons with negative intentions.
  •  “We are asking consumers not to download information if they are not expecting a file from the sender, [to] conduct extensive research before engaging links, and if the message in the email conveys a sense of urgency or uses high-pressure sales tactics, be sceptical,” he urged.

The Consumer Affairs Commission (CAC) is warning consumers to guard against social engineering attacks by nefarious persons.

According to Information Technology Manager at the CAC, Andrew Evelyn, the term refers to the use of deception to manipulate persons into divulging confidential or personal information.

Speaking at a recent Jamaica Information Service (JIS) ‘Think Tank’, Mr Evelyn said the cybercrime is a trend that is of concern to the agency.

“The goal of social engineering is to obtain your personal data to possibly hijack your account, steal your identity and initiate illegitimate payments. For example, consumers will receive an email promising them something of value that takes you to a page that requests entering your data and maybe credit card information,” he explained.

Mr. Evelyn noted that the personal information shared online can also be added to databases that are sold to persons with negative intentions.

Phishing attacks is a social engineering strategy that the CAC is encouraging consumers to guard against.

“The nefarious persons imitate a trusted source, such as a local bank or utility company and concoct a seemingly logical situation that requires handing over login credentials or other sensitive personal data,” he explains.

Some scenarios identified by Mr. Evelyn include notifying the user that they are the winner of a competition or a friend urgently asking for help.

“We are asking consumers not to download information if they are not expecting a file from the sender, [to] conduct extensive research before engaging links, and if the message in the email conveys a sense of urgency or uses high-pressure sales tactics, be sceptical,” he urged.