FixMeTip – Social Engineering Scams

What is social engineering?

Instead of sneaking into your system, hackers will use human psychology to trick you into essentially handing over your personal data. In addition to getting users to divulge information they shouldn’t, social engineering guides users to visit malicious websites, download malware onto their computers, and willingly send money. This method of hacking is particularly upsetting as the user is left feeling manipulated and vulnerable, in addition to having their personal information stolen.

Some common social engineering scams include:

  1. Phishing – an email masquerading as a real company or “someone you know”. A link will lead you to a web page asking for your banking information.
  2. Phone Scams or “Vishing” – an incoming phone call geared to gain access to data. Legitimate companies like Microsoft would never make outbound calls to inform users their computers are infected.
  3. Tech Support Scam – similar to vishing, except they try to get you to call them, often triggered by a false pop-up or ad. Calling the number shown opens a gateway for hackers to gain online banking information, implant malicious software, and steal data.
  4. Malicious Email Attachments – they appear as harmless downloadable files, but they are actually malicious files like malware, trojans, worms, rootkits, and ransomware.
  5. Advanced-Fee Scheme – any email asking for a small donation, promising a much greater return, often claiming to be a royal family or a government official.
  6. Spam Post – involves posting clickbait on Facebook with the promise of juicy content. This results in a posting loop, tricking your social network into clicking as well.
  7. Fake Friend aka Catfishing – common to social media and dating sites, a typically “attractive friend” with a fake profile will eventually scam you into sending money and revealing private information.

How to protect yourself:

  • Never reveal sensitive information to an untrusted source – specifically credit card information, PIN numbers, and social security numbers.
  • Never send money to strangers.
  • Never allow an untrusted source to connect remotely to your computer.
  • Never open emails from people you don’t know – keep an eye out for poor spelling and grammar.
  • Never click on pop-ups.
  • Avoid visiting suspicious links and websites.
  • Never open emails or attachments from unknown senders.
  • Be wary of who you befriend – ensure that you actually know who you are communicating with before trusting them with your secrets.