What are social engineering scams?

As more of our information is stored digitally (both publicly and privately), scammers have more data to try and manipulate us with.

‍

That’s the basis of social engineering scams, where fraudsters use a unique combination of human psychology and technology to take advantage of people.

‍

What are the different types of social engineering scams, and how can you protect yourself from them? We sat down with Aaron Ramsumair, Senior Security Specialist at Cambrian, to learn more about this type of fraud:

‍

‍

How do social engineering scams work?

‍

“A social engineering scam is when someone manipulates you into divulging sensitive information or taking harmful actions by exploiting trust and emotions,” says Aaron.

‍

“It can lead to data breaches, financial loss, or compromised computer/phone/device security.”

‍

Scammers use your information to access your financial accounts or trick you into sending money.

‍

Some of the most common tactics include:

• Pretending to be a trusted source, such as a financial institution or government agency.
• Impersonating a family member. For example, a scammer may call someone and pretend to be their grandchild, using information they’ve gathered from that person’s social media page.
• Creating a sense of urgency. Scammers aim to create emotions of fear or panic so that you rush into making a decision. The more pressure they put on you to act fast, the less likely you are to slow down and spot the warning signs.

‍

‍

Examples of social engineering scams

What are the goals of social engineering scams?

‍

Once a fraudster has obtained your personal information, they use tactics like:

• Identity/Financial Theft: Using your personal information to open accounts on your behalf.  
• Blackmail: If you don’t send them money, they threaten to reveal information they found out about you online that you may not want disclosed publicly.
• Harassing family members to get to you: If a scammer finds out who you’re close with, they may harass them in efforts to pressure you.

‍

‍

How to protect yourself

‍

What can you do to avoid these scams? Make note of our 8 social engineering scam safety tips!

‍

‍

1. Be careful about what you share on social media

‍

“It’s important to be mindful about what you post online, because information on the internet stays around for a long time,” says Aaron.

‍

When using social media, make note of these dos and don’ts:

• Don’t share information that could be used to answer secret questions you’d use for account recovery. For example, the street you grew up on or even your dog’s name. Practice “need to know thinking” by asking yourself: Is this something I need to share on social media, or would this be best kept to myself?
• Do review your privacy settings to see what information is public.
• Don’t share photos that show your ID or Driver’s License.
• Do pay attention to what’s in the background of your photos that you may not be aware of and could reveal personal information.

‍

‍

2. Invest in identity protection or cyber insurance

‍

Cyber insurance helps cover costs that result from a data leak or identity theft.

‍

“Anyone can be affected by a data breach, so you must be on the defence. It’s a relatively inexpensive type of insurance, too,” says Aaron.

‍

‍

3. Make an emergency plan

‍

“Consider storing your passwords or other critical information in a safe place in case of a data breach. It can be as simple as a printed export of your passwords kept in a locked box,” says Aaron.

‍

‍

4. Use alternative email addresses or aliases

‍

“Be cautious before you share your main email with a website or business. Instead, use aliases or ‘junk’ accounts.”

‍

“Essentially, an alias will redirect messages to your main email without revealing it to the sender. This protects your email address from those who may use it maliciously.”

‍

5. Back up your files

‍

Schedule automatic backups, either on a hard drive or using cloud storage. It’s just another way to safeguard your information in case of a breach!

‍

“You can pay a monthly fee to use a service that will automatically back up all the files on your computer,” says Aaron.

‍

‍

6. Use a password manager

‍

A password manager stores the credentials to all your online accounts. Since you don’t have to remember them yourself, you’ll be less likely to re-use passwords, a practice that can lead to problems if one password is leaked.

‍

With a password manager, it’s easy to create unique and complex passwords for all your accounts. That way, even if a scammer steals one of your passwords, they won’t be able to use it to access other accounts.

‍

‍

7. Set up transaction alerts

‍

With transaction alerts, you’ll find out right away when money is being moved out of your account. This feature will automatically notify you via text, email, or both when transactions occur.

‍

Here’s how to set up transaction alerts on your Cambrian account!

‍

‍

8. Keep learning

‍

Knowledge is one of your strongest defences against scammers. We’re here to help you protect yourself with the latest information on scams and fraud.

‍

By visiting our Cybersecurity Centre, you’ll learn how to protect yourself from social engineering scams and more. Check back often to read our latest posts on fraud trends, cybersecurity tips, and more!