Social Engineering

Social Engineering

Trying to fool you to get access to your information and devices

Social Engineering is a strategy for marketing things to the public in such a way that people will do what the person using it wants. This is often used by scammers to manipulate unsuspecting web users into giving up personal information.

This page will show you some examples of Social Engineering, which should help you identify when you are at risk of being scammed!

Fraud Alert Graphic
Image by Mohamed Hassan, via Pixabay

Know

  • What is a scam call?
  • Can I identify a malicious email?
  • When should I download a file?

Identify

  • Do I know this person?
  • Was I expecting this?
  • Should I click on this?

Do

  • Verify before giving personal information.
  • Say no if you are not sure.

What are some common phrases phone scammers use?

Phone scammers can tell you that you’ve won something and they need your information to give you whatever prize they’re offering. It’s best to remember that anything that sounds too good to be true probably is. Don’t give your information in these cases, especially if you weren’t expecting to win a prize.

They may also try to urge you into acting by saying something important has expired, like your car insurance. Similar to the “you won” message, you shouldn’t give any information unless you know it’s really your insurance provider, or any other service you trust.

What about E-mails?

E-mails can have the previous examples, but here are some others, as well as more things to watch for.

For instance, They might tell you a close relative died and they need your info to send you their money. If a close relative has died, you should already know they passed. Never trust these messages if you don’t know for sure, or ask another relative if they know about it.

Another common one can be a service like Instagram or Twitter saying that someone has tried to log into your account and that you need to change your password through a link. If you’re worried about your password, change it, but DO NOT use the link in the email! Instead, go to the website by searching for it on your browser. This way, you avoid clicking the link in the email, which could lead to a site that will not change your password, but instead take your information when you enter it into the site.

Can websites have Social Engineering, too?

Yes! Websites can have just as many dangers as other things. Thus, we have to be just as cautious.

Parts of the website that say things like “Click Here!” or “Download Here!” without telling you what it is. Always be sure of what links will do. The website should explain this clearly to you, but if it doesn’t or you are uncertain that the button will be safe, follow your instincts and don’t press it.

Handout

Time to decode a message! Can you figure out what the statement is using the key at the top? Use the button below to download this handout, and then print it out and see if you can “engineer” a solution! Let us know if you figure it out on our social media page!