Skip to content
National IT
Managed IT24/7 systems monitoring Cyber SecurityEssential Eight alignment & beyond Cloud & Microsoft 365Migration, Azure, Teams & SharePoint IT Strategy & InfrastructureNetworks, resilience & lifecycle delivery AI & AutomationCopilot, automation, AI governance Strategic AdvisoryvCIO, governance & executive planning
Case Studies About Contact
Call1300 795 395 Book a 30-minute meeting →
Services Managed IT Cyber Security Cloud & Microsoft 365 IT Strategy & Infrastructure AI & Automation Strategic Advisory Company Case Studies About Contact
Book a 30-minute meeting → Call 1300 795 395

Phishing and Social Engineering

Understand phishing and social engineering attacks with our expert guide. Learn how to identify, prevent, and protect your business from cyber threats.

Published 22 March 2019 · National IT

Some time ago we wrote a blog about the importance of passwords, gave some examples of how to keep your passwords safe and tips on how to make them hard to guess (but easy to remember). We also posted a link to https://haveibeenpwned.com : a great little utility to find out if your email address has been caught up in the data breaches that seemingly happens every other week. But these data breaches, hacks and brute force attacks are not the only  tools in a cybercriminals arsenal. As an extension of that, your passwords are not the only thing these people are interested in either.

Another tried and true technique of obtaining sensitive information is Social Engineering.

Social engineering is a term used to describe the psychological manipulation of people in to performing actions or divulging confidential information. In other words, one example of this could be extracting a password from someone purely by pretending to be an authority and asking the right questions.

This example of Social Engineering is called Phishing and it is exactly as it sounds! Dropping a line with some bait on it to see who bites! People are lured by communications from seemingly trusted  or authoritative parties such as Banks, Electricity or Phone companies and yes, sometimes even IT providers!

Popular types of phishing techniques include:

Spear phishing

Direct attempts at specific individuals utilising some personal information previously gathered on the target such as full name or phone number.

Clone phishing

Where a previously delivered email  containing an attachment or link had its content and recipients taken and used to create an almost identical email.

Whaling

A term coined for spear phishing directly aimed at senior executives or other high profile targets.

I think we have all seen examples of Clone Phishing. How many emails from Australia Post or some Electricity company have we gotten encouraging us to click a link. These links, once clicked, can do anything from scan your computer for information or taking control of your computer for future use.

The problem with phishing and social engineering is that it takes advantage of peoples natural tendency to trust.

Here is the real kicker: A networks security is only as strong as its weakest link. You can have all the controls and security features in place but the fact remains; Humans use these systems and as a result our human weaknesses are the best target for hackers and often the one most overlooked by those responsible for IT security.

Over the next couple of weeks, we will look at ways to spot various Social Engineering techniques and we can discuss how to protect ourselves and help those around us.  In the mean time, check out this little quiz and see how you go. Let us know your results!

https://phishingquiz.withgoogle.com/

Stay safe!

← All insights

National IT

Managed IT, cyber security, cloud and strategy for Australian small and mid-sized businesses.

Services

  • Managed IT
  • Cyber Security
  • Cloud & Microsoft 365
  • IT Strategy
  • AI & Automation
  • Strategic Advisory

Company

  • About
  • Case studies
  • Contact

Contact

  • Australian-based support
  • 1300 795 395
  • sales@itsolutions.com.au
  • Mon–Fri · 8:30am–5:30pm
© 2026 National IT. ISO 27001 certified.
Privacy PolicyTerms of UseClient Portal