There are multiple tactics and “entry points” social engineers employ in their work, countermeasures must consider and defend against each of them individually.
- Verify the identity of anyone you communicate with before giving out sensitive information. On Social Networking Sites, refrain from befriending people you don't know.
- To counter impersonators by phone, consider making callers remember a password before continuing the conversation
- Avoid writing down passwords; if necessary, store them in a safe (locked) place.
- Verify the identity of everyone entering your premises. Set up strategic chokepoints for entry and watch out for "tailgaters" (people who blend into a large crowd to enter).
- Do not use USB drives or any other device whose origins you are unaware of. Do not open emails from people you do not know or about subjects irrelevant to you.
- Hire security consultants to perform system impregnability tests on your site.
- O'Boyle, Stephen. "Social Engineering: Threats and Countermeasures ." Help Net Security. 24 Jan 2008: 3. Web. 2 Nov. 2013. http://www.net-security.org/article.php?id=1109&p=1
- Lemos, Robert. "USB drives pose insider threat." SecurityFocus. 25 Jun 2006: n. page. Web. 2 Nov. 2013 http://www.securityfocus.com/news/1139
- Snow, Gordon M. "Social Networks Are Vulnerable to Crime." Policing the Internet. Ed. Roman Espejo. Detroit: Greenhaven Press, 2012. At Issue. Rpt. from "Statement Before the House Judiciary Subcommittee on Crime, Terrorism, and Homeland Security." www.fbi.gov. Courtesy of The Federal Bureau of Investigation and The Department of Justice. The Federal Bureau of Investigation and The Department of Justice, 2010. Opposing Viewpoints In Context. Web. 2 Nov. 2013.