SOCIAL ENGINEERING
By definition, social engineering is the art of manipulating people so they give up confidential information.
There are a range of malicious activities that fall in the category of social engineering and they all can happen in one or two steps. First, the attacker will investigate the victim to gain just enough background information to make it simple to access weak points of security. Second, the attacker will push to gain the trust of the victim in order to reveal sensitive information and receive access to confidential resources. If you don’t know what to look for, these schemes can happen successfully and without suspicion.
Types of Social Engineering
1. Phishing
The practice of sending emails pretending to be a reputable company with what is commonly known as link manipulation.
Example: Receiving an email with the link to what looks exactly like the UBank website but the site requests you to confirm or update your information. *Please note* that if more than u.bank shows up in your URL, it is not UBank.
2. Baiting
Baiting: This involves offering the victim something appealing in exchange for private information.
Example: Receiving an email or text message with a “too good to be true” downloadable link or attachment. Once the bait is clicked on or used, malicious software is automatically downloaded to your personal computer or phone allowing the hacker in and able to see sensitive information.
3. Vishing
Similar to the following two scams, this particular one involves phone calls or voicemails from scammers pretending to be a reputable place of business in order to obtain information.
Example: A fraudster calling claiming you have fraudulent charges on your account and offering to block the charge if you give them the full card number associated with the account for verification.
How to Avoid Social Engineering Scams
- Do not answer a phone call from an unknown number.
- If you do answer, do not give out personal information.
- Do not press buttons or respond to prompts.
- Be sure to verify a site’s security and be wary of pop-ups.
- Do not click on links or attachments in an email or text message from an insecure source.
Knowing what to look for is a great way to keep your information safe but our Customer Service team is a phone call away at (936) 639-5566 if you have any questions regarding these types of scams!