The human mind is susceptible to manipulation. This is the reason why smooth-talking scammers are deceiving, intelligent, well-meaning people all over the world. The process, called social engineering, is where predators exploit human interaction to illicit access to sensitive information. This practice can be done over the phone, in person, or online. Victims of social engineering oftentimes find themselves being persuaded into letting down their guards – deviating from normal security procedures, or even common sense. Targets are tricked into freely giving scammers money, access to confidential information, or even their hearts.
Social engineering relies heavily on exploiting human interaction to illicit a multitude of sensitive information, including credit card or bank account numbers, social security numbers, log-in credentials, remote access to computers, or even physical access to buildings. This process usually involves a confident smooth talker with a smooth story, and it always relies on the manipulation of the human psyche. Victims of social engineering rarely know they are being taken advantage of until after the fact, if ever.
Some of the most common social engineering scams occur through social media. First, there is the “distress scam.” This occurs when a person posing as a relative or friend sends you a message on Facebook, telling you that he is out of town (usually out of the country) and has lost his wallet. He asks you to wire him a sum of money for assistance with a request “not to tell anyone in the family because he feels stupid.” He may even tell you that he is being held by a kidnapper and needs you to send money, but admonishes you against telling the police. The victim of the scam unwittingly wires money to a thief, which becomes virtually untraceable.
Another social media scam is known as “catfishing.” This is where a scammer creates a false online persona and tricks new “friends” into giving their hearts away. Catfish usually keep aspects of the relationship limited to emailing and messaging, but they are sometimes so brazen that they expand the contact to include phone calls. Some catfish are so skillful at their manipulation that they can keep “relationships” going for months or years. They often trick their targets into giving away money or expensive gifts, in addition to their undying love.
Are you too savvy in social media to fall for such outrageous scams? Keep reading to see if you could outsmart these social engineering scams…
The “Vishus” Banker: A scammer leaves a voicemail message for a would-be victim stating to call his bank regarding some suspicious activity on an account. The scammer leaves a toll-free number for a return call. As you may know, vishing is a term used to describe a phishing scam that adds a voice or telephone component. In this scenario, the victim calls back the number and is prompted by a series of voice commands to enter sensitive information. The victim could then be connected with a live operator who tricks the account holder into giving even more personal or confidential information.
Piggyback Rides: A scammer shows up at the front door of a restricted facility on a rainy day, early in the morning, with his hands full of boxes. He asks a target to hold the door for him, and is promptly obliged. Oftentimes, the scammer does not even have to ask for assistance, the kindness of a stranger is usually granted without question.
Whether a social engineer is using one of the common schemes that were highlighted in this article, or is trying to initiate a scam of a different sort, it is important to be cognizant of anyone who is asking for personal information or access to restricted spaces. A good rule of thumb is not to be afraid to ask questions, and to follow your instincts on situations that you deem questionable.