What Are Social Engineering Scams—and How Can You Avoid Them?
Presented by Will Berigan
You receive an email from a website you regularly use asking you to click a link to change your password
due to suspicious activity. You take a phone call from the IRS asking you to verify your bank account or
social security number. You get a text saying a family member was in an accident and they need money
for emergency room bills.
These requests appeal to your sense of trust and seem like legitimate things to ask of you, so there’s a
good chance you’ll respond or comply. But beware; these are common social engineering scams, which
are ploys to access your sensitive information or obtain money using psychological manipulation.
The best way to avoid being a victim of this type of attack is to recognize the signs and know how to
protect yourself. Here are the most common social engineering scams:
Phishing, smishing, vishing. These words may sound like nonsense, but they’re all widely used ways to
trick you into giving away your personal information. Phishing occurs when a scammer sends you an
email with a seemingly legitimate link to click, such as an email requesting a password change. Once you
click and enter your password, bank account number, or other sensitive information, scammers receive
access—and you might not even realize it. Smishing is a similar scam via text, and vishing is via phone or
Protect yourself. Don’t click links from someone you don’t know, or even from an organization
that might look legitimate. Go to the actual website and reach out using their posted contact
information. Similarly, if someone calls you out of the blue and requests information, tell them
you’ll call their organization back using a verified number. If you call the IRS, for example, they’ll
likely tell you it wasn’t actually their representative calling to solicit information from you. If you
receive a text and don’t recognize the sender’s phone number, don’t respond, even if the text
indicates it’s from someone you know.
Piggybacking or tailgating. To carry out this type of attack, the perpetrator will try to gain physical
access to a restricted space or device by following an authorized person. Think about a delivery driver
asking you to hold a door open so they can deliver a package to someone in the building or an innocent seeming stranger at a coffee shop asking to borrow your phone or laptop to look up information. Once
given access, the scammer can steal your private information in a short amount of time.
© Copyright 2020 | Shamrock Wealth Management | All Rights Reserved