Social Engineering Tactics Used by Scammers

Author: Nichlaus O.

December 23, 2021

Have you ever received an email, text, or call from any source other than the government, asking for information that sounded harmless to you? If you gave any information without understanding what it leads to, you may have been a victim of a fraudulent social engineering exercise.

What is Social Engineering?

From an Information Security perspective, ‘social engineering’ refers to all the attempts to trick people into giving secret or personal information, especially on the internet, and using it for harmful purposes.

One way that scammers and fraudsters know what you could fall for is by building a profile on you. They scour the internet for intimate details of your personal life. This is also a key goal in romance scams where a love interest is wooed to give details of their finances, location, workplace, and even neighbors. 

What looks like a harmless chat to you can be vital information for scammers. So, how does it work? 

Social Engineering Techniques

An attempt to steal your information may begin with an innocent-looking text with a link to an attractive offer. Fake shopping discounts and vouchers are the top bait. Clicking the link takes you to a site specifically set up for phishing, malware, or simply collection of your contact details for spam and marketing lists. 

“So what if I get some spam emails? That’s normal.”, you might think. Here is what happens behind the scenes: 

  • Scammers only had your phone number.
  • You filled in your email ID and maybe address on the site the link went to. 
  • Using your email, the scammer can go to social media sites and search engines to discover your photo, real name, and more.

Do you see what is happening? Bit by bit, the information you give builds up consistently to a full picture. This is why we recommend that you must never share these details online! What began from a random text developed into giving your email and your name which revealed your social media accounts. 

The Problem of Social Media in Social Engineering

Social media accounts are a goldmine of information. Any scammer on Facebook, Instagram, Pinterest, or Twitter can usually see details like: 

  • Your real photo and those of family and friends
  • Your likes and interests
  • Your location and regular hangout spots which you post using the check-in feature on Facebook
  • Your job history and academic achievements
  • Business pages that you’ve created

If you are interested in topics on investment, you can be a prime target for investment scams or money-flipping scams on Instagram. A good tip is to limit sharing vital information on social media. 

Whereas, if you have liked a lot of shopping pages on Facebook, you are likely to be targeted by ads for fake shopping deals on your timeline. Fake ads are the number one means of scamming shoppers from social media. 

Watch Out for These Techniques

  • Vishing - phone calls made by fake tech support or customer care reps who communicate that they wish to help you and can be trusted. 
  • Baiting - scammer lures you with the promise of a sweet deal. It’s common in online shopping, online gaming, and paid software downloads. 
  • Pretexting - scammers impersonate trusted institutions like local hospitals, charities, and clubs under the pretext of asking you to contribute towards a legitimate cause.

How to Protect Yourself

  • Reject all unwarranted requests to give your financial and personal information like bank details and ID. 
  • Secure your computer and phone by setting up security apps and features, and always keep them up and running. 
  • Be wary of requests to offset your help when it comes from any business or charity you have no relationship with. 

Report a Scam!

Have you fallen for a hoax, bought a fake product? Report the site and warn others!

Help & Info

Popular Stories

As the influence of the internet rises, so does the prevalence of online scams. There are fraudsters making all kinds of claims to trap victims online - from fake investment opportunities to online stores - and the internet allows them to operate from any part of the world with anonymity. The ability to spot online scams is an important skill to have as the virtual world is increasingly becoming a part of every facet of our lives. The below tips will help you identify the signs which can indicate that a website could be a scam. Common Sense: Too Good To Be True When looking for goods online, a great deal can be very enticing. A Gucci bag or a new iPhone for half the price? Who wouldn’t want to grab such a deal? Scammers know this too and try to take advantage of the fact. If an online deal looks too good to be true, think twice and double-check things. The easiest way to do this is to simply check out the same product at competing websites (that you trust). If the difference in prices is huge, it might be better to double-check the rest of the website. Check Out the Social Media Links Social media is a core part of ecommerce businesses these days and consumers often expect online shops to have a social media presence. Scammers know this and often insert logos of social media sites on their websites. Scratching beneath the surface often reveals this fu

So the worst has come to pass - you realise you parted with your money too fast, and the site you used was a scam - what now? Well first of all, don’t despair!! If you think you have been scammed, the first port of call when having an issue is to simply ask for a refund. This is the first and easiest step to determine whether you are dealing with a genuine company or scammers. Sadly, getting your money back from a scammer is not as simple as just asking.  If you are indeed dealing with scammers, the procedure (and chance) of getting your money back varies depending on the payment method you used. PayPal Debit card/Credit card Bank transfer Wire transfer Google Pay Bitcoin PayPal If you used PayPal, you have a strong chance of getting your money back if you were scammed. On their website, you can file a dispute within 180 calendar days of your purchase. Conditions to file a dispute: The simplest situation is that you ordered from an online store and it has not arrived. In this case this is what PayPal states: "If your order never shows up and the seller can't provide proof of shipment or delivery, you'll get a full refund. It's that simple." The scammer has sent you a completely different item. For example, you ordered a PlayStation 4, but instead received only a Playstation controller.  The condition of the item was misrepresented on the product page. This could be the