There are several different types of social engineering which a cyber-criminal may use to extort data or information from you. To understand how they attempt to manipulate you, you need to know what each method is.
Baiting is a social engineering scheme based on the cyber-criminal offering something you want or need, to gain your information. These can be seen on a variety of websites from peer-to-peer sites to social platforms. However, these can also be found on search engine results pages and in your inbox.
Scareware manipulates users’ fears of viruses, trojans and other security breaches. They will be bombarded by fictitious threats, warnings, and alarms to prompt users to install security software to secure the device. However, by clicking install what you are actually downloading is malicious software allowing the criminal full access to your computer and confidential information.
Pretexting is when the criminals will make up a scenario and pretend to be an authority figure who requires your information. They may go so far as to use official logos and branding of that company to make you believe they are from that company or organisation
Phishing is a very commonly used tool of social engineering. This is when criminals send emails to individuals or companies with the intention to trick them into providing their information.
This is similar to phishing but in this scenario the criminal will pretend to send the email from a trusted or known sender to encourage users to give up their confidential information. These are targeted attacks and can appear to be from a specific individual you know, organisation or business.
If you read something and it doesn’t sound right or seems too good to be true, it probably is. Always think before you click on any links and don’t open any attachments where you don’t recognise the original sender or aren’t expecting an email.