Has an unexpected email ever prompted you to log into an account you rarely use? Has a website ever asked you to click a link that didn’t go where you expected? Chances are you were a victim of social engineering. Social engineering occurs when an individual or company tricks an unsuspecting consumer into providing sensitive information through technological or in-person means. By taking advantage of the victim’s social engineering, the person committing the fraud receives more information.
Common Social Engineering Practices
There are four major ways that would-be scammers use social engineering to get victims to provide sensitive information. While you’ve heard of some of them, chances are you don’t even realize others are an issue.
Phishing scams try to gain your personal information and use false links that direct to you legitimate-looking websites. They often incorporate fear by threatening account closure or fees if you do not act right away.
Baiting occurs by asking users to download items or provide information in exchange for free music, free movies, or other coupons.
Pretexting when a scammer lies to the victim by creating a false scenario. Typically, it involves impersonating someone to create a false sense of trust. They then convince the victim to provide identifying information or even to send pictures of themselves.
Tailgating (or “piggybacking”) occurs in person and is a method of building rapport. Someone will dress up as another type of employee or delivery driver and hover outside a restricted area until an authorized person arrives. The scammer asks someone to hold the door or strikes up conversation and walks in with them. Because most people have it ingrained in them to be polite to strangers in a professional environment, the attacker gains access easily and can then part ways to find what he or she wants.
How To Prevent Yourself From Becoming a Victim of Social Engineering
Social engineering is ingrained in everybody, but there are things you can do to be more aware of yourself and your surroundings to ensure you don’t become the victim of scammers.
Protect Your Login Information
Use multifactor authentication anywhere that you can. By using more than one source of authentication, such as phone numbers, passcodes, email addresses, and verification codes, you make it much harder for a scammer to pretend they’re you and gain access to your accounts and information.
Never Open Links
When you receive emails from employers, financial institutions, utilities companies, or any other official company, it may be tempting to click on the included links. Unfortunately, it’s easier than ever for people to spoof legitimate emails and even email addresses and provide fake links. Always call a company directly or go directly to its website to find the information you need, especially if you are prompted to login or provide personal information.
Don’t Be Tempted by Offers
Free or discounted stuff sounds awesome, but it’s often too good to be true. If an offer is legit, you’ll likely find information directly on the product’s website or by doing a Google search. Avoid responding to emails in case it’s a social engineering scam.
Update Your Computer Regularly
One of the easiest ways that scammers gain access to your information is through vulnerabilities in your computer. Update your software regularly, including your antivirus and malware programs. The best way to do this is to keep automatic updates turned on and check often to ensure they are being applied properly. Scanning your system for viruses at least once a week is important as well.
Falling victim to scammers can wreak havoc on your personal finances and credit, not to mention the finances and credit of your business. By understanding the methods behind social engineering and knowing what to look for to protect yourself, you help to ensure your professional and personal financial safety.