Social Engineering Incident Types

Different attack types require tailored responses:

Phishing Credential Compromise: When employees provide credentials to phishing sites:

  1. Immediately reset compromised passwords
  2. Check for account access and data exfiltration
  3. Review email rules and forwarding settings
  4. Scan for malware if links were clicked
  5. Identify other employees who received similar emails
  6. Block phishing domains at the perimeter
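
For step 3 above, one way to triage an export of mailbox rules from the affected accounts. This is an added example, not part of the original page; the record fields, folder list, keyword list and sample data are assumptions to adapt to your mail platform's export.

```python
"""Triage exported mailbox rules after a phishing credential compromise.
Field names below are an assumed export layout, not a real product's API."""
INTERNAL_DOMAINS = {"example.com"}  # assumption: the organisation's mail domains
# Assumption: folders users rarely open, so mail moved there goes unnoticed.
HIDING_FOLDERS = {"rss feeds", "rss subscriptions", "conversation history",
                  "junk email", "deleted items"}
SENSITIVE_WORDS = {"invoice", "payment", "wire", "password", "security"}

def external_targets(rule):
    """Return forward/redirect addresses outside the internal domains."""
    addrs = rule.get("forward_to", []) + rule.get("redirect_to", [])
    return [a for a in addrs
            if a.rsplit("@", 1)[-1].lower() not in INTERNAL_DOMAINS]

def findings(rule):
    """List the reasons a rule deserves analyst review (empty if none)."""
    reasons = []
    ext = external_targets(rule)
    if ext:
        reasons.append("forwards externally: " + ", ".join(sorted(ext)))
    folder = (rule.get("move_to_folder") or "").lower()
    if rule.get("delete") or folder in HIDING_FOLDERS:
        reasons.append("hides mail (delete or low-visibility folder)")
        hits = SENSITIVE_WORDS & {k.lower() for k in rule.get("keywords", [])}
        if hits:
            reasons.append("targets keywords: " + ", ".join(sorted(hits)))
    return reasons

def triage(rules):
    """Map (mailbox, rule name) -> reasons; disabled rules are checked too."""
    out = {}
    for r in rules:
        why = findings(r)
        if why:
            out[(r["mailbox"], r["name"])] = why
    return out

# Constructed sample export for illustration only.
SAMPLE_RULES = [
    {"mailbox": "alice@example.com", "name": "Team newsletter",
     "move_to_folder": "Newsletters", "keywords": ["newsletter"]},
    {"mailbox": "bob@example.com", "name": ".",
     "forward_to": ["drop@mail.example.net"]},
    {"mailbox": "bob@example.com", "name": "..",
     "move_to_folder": "RSS Feeds", "keywords": ["Invoice", "wire"]},
]

if __name__ == "__main__":
    for key, why in triage(SAMPLE_RULES).items():
        print(key, why)
```

Rules flagged here are leads for an analyst to confirm with the mailbox owner, and any confirmed rule should be recorded and removed as part of the same response.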

Business Email Compromise Response: For successful BEC/wire fraud:

  1. Contact receiving banks immediately (acting within 24-48 hours is critical)
  2. File a complaint with IC3.gov
  3. Notify law enforcement
  4. Preserve all communications
  5. Review financial controls
  6. Check for additional fraudulent requests

Vishing/Pretexting Success: When attackers gain information through phone calls:

  1. Document exactly what information was disclosed
  2. Assess potential misuse scenarios
  3. Implement additional authentication for affected processes
  4. Alert other potential targets
  5. Review call recordings if available
  6. Update verification procedures

Physical Breach Response: For successful physical intrusion:

  1. Review access logs and camera footage
  2. Identify what areas were accessed
  3. Check for installed devices or missing items
  4. Re-secure affected areas
  5. Update access controls
  6. Alert security personnel