What leads to reverse social engineering?

The success of reverse social engineering depends on the following -

The former cause is most common with individual systems and users, while the latter typically applies to small and medium business organizations that have an underdeveloped information security infrastructure or little emphasis on security awareness.

Lack of security awareness

Humans are generally known to be the weakest link in the security chain, with 94% of malware delivered through phishing and social engineering attacks. Though many organizations have basic security policies that state not to disclose sensitive information such as username, password, transaction details, OTP, account number, many users still fail to understand the importance of these security policies. Users generally avoid the implementation of key security elements such as multifactor authentication; scanning unknown devices; not opening anonymous emails, links, and attachments; and several other precautions. A recent survey found that nearly 26% of internet users have shared their OTP with others.

People give out information for multiple reasons, at times, for the sake of ease or shortening the process for which the information is required, or sometimes due to their helpful nature. In some cases, it was found that the compromised information was provided because the request was made by some authority (mistakenly assumed) such as bosses, superiors, government officials, law enforcement officials, etc. Thus, intimidating the victims into divulging sensitive information. In several other cases, users were unaware of how to deal or respond upon realizing that their system or data has been compromised and in panic, tend to fall for the predesigned lure of reverse social engineering. Hackers understand these psychological attributes very well and utilize them to their advantage.

Poor security plans

Although organizations understand the risk of a security breach, not many are ready to spend resources on advanced security solutions. Others assume that their current technology is sufficient and flawless. Even if organizations try to build and incorporate security technology and procedures into their operations, it is difficult to determine its efficacy without a proper test. Many organizations rely on internal identifiers (such as asking employees to check for issues) to test the performance of these procedures and defenses, which is considered a disaster recipe by cybersecurity experts.

Organizations that manage sensitive information run a more substantial risk of a security breach and need more robust security policies. Thus, proper authentication mechanisms and additional features that protect these mechanisms are essential. Apart from that, it's imperative to test the security plans and procedures periodically. A holistic approach to the testing of these procedures is a must. Many organizations establish security guidelines but fail to implement them effectively, as security experts assume that their employees understand the security risks and their implications, but these assumptions are unrealistic. Organizations run the risk of failing to establish or include realistic procedures for making employees aware of security procedures, risks, and mitigations.

How to Mitigate Reverse Social Engineering Attacks?

The causes of social engineering and reverse social engineering are often due to poor security awareness and a lack of operational procedures. This causes the individual to panic and react to the problem inappropriately, such as contacting non-credible tech support (who turns out to be the preparator), leading to the success of reverse social engineering. Hence, the mitigations for reverse social engineering attacks are quite similar to that of social engineering attacks: