What is an acceptable use policy, and when do I need one?
An acceptable use policy (AUP) is a document that explains the ways in which a website, computer network or other online service may and may not be used.
One day, you get a mysterious email announcing you as the lucky winner of a competition.
You don’t remember entering any competitions recently, but your interest is piqued by the thousands of dollars ready to be deposited in your bank account. To claim your prize, all you need to do is pay a small processing fee. While the email looks legit, it does seem a bit fishy… Nevertheless, curiosity (or greed) gets the better of you, and you’ve forked out hundreds just to get your hands on this mythical prize!
Online scams and phishing attacks are prime examples of social engineering — a technique used to manipulate people into sharing confidential or personal information, or to gain access to valuables like your money or data.
Scammers and hackers start by reaching out to you to gain your trust or spin an elaborate story around some urgent calamity, once-in-a-lifetime opportunity, or even something as mundane as a “failed payment” with software subscriptions that need to be resolved.
They may weaponise any number of emotionally manipulative tactics like using fear, curiosity, love, grief, and guilt to get your attention. From there, they don’t have to work too hard to get you to follow their innocent-sounding instructions. And once they’ve got you hooked, they’ll invite you to share more about yourself, click on links, pay money, or even try to hijack your phone, email, or social media accounts to victimise even more people.
With the amount of random emails, calls, and texts we get spammed with every day, it’s easy to miss the suspicious signs, and autopilot our way through clicking on links that appear normal.
Here’s some easy habits you can adopt to reduce your likelihood of falling victim to a social engineering attack:
Some of the most obvious giveaways of a scam are bad spelling, generic addresses, or claims that just don’t match up with anything you’ve done or can recall doing recently. If something sounds too good to be true, it probably is – especially if you’ve been contacted by a stranger you know nothing about.
Especially if you don’t recognise the sender, or if the tone of the email/text message seems out of character compared to how they usually sound. Best case scenario sees you checking with the sender to make sure they really meant for you to see something.
Worst case scenario sees you inadvertently downloading viruses or other malware that could be used to hack your device and steal your information.
To stop scam and phishing emails from reaching you in the first place, you can increase your spam filter to high and block emails from certain addresses. You can always add your friends to a “safe senders” list to ensure their emails get through.