Ever received a phone call claiming they are from Baiduri Bank or any other financial institutions asking for your personal details? Well stop before divulging all your secrets – you may be a victim of social engineering.
They use a variety of psychological tactics to instill fear, excitement or urgency to gain your trust and manipulate you into giving up sensitive information.
However, no matter how advanced and secure the technology is to protect your account, the best defense will still be you. You need to recognise signs and red flags for social engineering attacks.
In this article, we'll explore different types of social engineering tactics used over phone calls and offer tips on how to protect yourself.
How Social Engineering Tactics are Used Over Phone Calls
They pose as Banks or Government Agencies
They always have a story
They bait you with a free gift or prize
How Do Social Engineering Attacks Work?
However, they all follow a similar pattern. The four phases of a social engineering attack are:
1. Recognition
Here, the attacker gathers information about you. This can include anything from your social media profiles, things you post and so on. The goal is to identify potential vulnerabilities and find ways to exploit them. The more they know about you, the more likely are you to lower down your guard.
2. Target & Attack
Once the attacker has gathered enough information, they move on to the targeting phase. This is where they select their victim and craft a convincing story that will lure you into giving up your personal information. The story may involve a fake emergency, a plausible reason for needing the information, sometimes creating a sense of urgency or fear or a promise of a reward or benefit.
They may pose as a trusted authority figure, from banks, or government agencies, or even friends or family. The goal is to get the victim to again, lower their guard and provide the requested information.
3. Exploit
Finally, in the exploitation phase, the attacker uses the information they've gathered to carry out their malicious activities.
This may involve transferring out large sums of money, making fraudulent purchases, or even stealing the victim's identity.
4. Retreat
As soon as criminals complete their mission, they’ll vanish with as little evidence as possible. Sometimes, you won’t even know what’s happened until they’re long gone.
Tips on How to Protect Yourself
Be Cautious of Unsolicited Phone Calls
Never Share Personal Information
Verify the Identity of the Caller
Stay Informed
Conclusion
Stay vigilant and stay safe.