IT security tip: How to spot social engineering scams

Social engineering can be broadly described as a technique to trick people into sharing information they normally would not.

For example, most people would never give their credit card or bank account number to someone on the phone they don’t know. And yet, it happens too frequently. Why? Because we are human and many criminals commit crimes by manipulating our emotions.

Consider the following:

You receive a phone call from someone claiming to be from the Internal Revenue Service (IRS). The caller states that you owe $10,000 in back taxes. If you pay right now, over the phone, you will not incur any additional fines. If you don’t, you owe $20,000, your wages will be garnished, and law enforcement may seize your home and/or vehicle.

Here are some red flags from the scenario above:

• You unexpectedly and coincidentally receive the call during tax season
• You are threatened with significant financial impact from a large government agency
• You are threatened with losing your wages and property
• You are threatened with a visit from law enforcement
• You are provided with a quick and immediate escape route that seems legitimate

In this example, the caller’s requests are meant to inhibit your critical thinking processes. If you believe you’re being scammed, before you respond, stop, breathe, and think. Taking a few seconds to consider the situation, calmly, could prevent you from being a victim of a crime. You can read more about the IRS and associated scams on the IRS’ Report fraud webpage.

You can read more about social engineering on the Cybersecurity and Infrastructure Security Agency’s blog.

 

Node 4 Search