Phishing and Social Engineering
Scammers trick people into giving away passwords, bank details, or personal information through fake messages or calls. Always verify who you’re talking to and never share sensitive data.
What is phishing and social engineering?
Phishing and social engineering are techniques used by fraudsters to deceive you into revealing personal, financial, or login information.
These scams often come in the form of emails, phone calls, text messages, or fake websites that appear to be from trusted sources like your bank, a government agency, or even colleagues. The goal is to trick you into clicking a malicious link, opening an attachment, or sharing sensitive data.
Social engineering goes beyond phishing by using psychological manipulation, creating a sense of urgency, fear, or trust to influence your actions. This could include pretending to be tech support, your boss, or a family member needing help.
How to avoid it
- Always type the website address manually. Don’t rely on links in emails, texts, or search engines.
- Check for spelling errors and poor design. These are common signs of fake websites.
- Look for HTTPS and a padlock icon in the browser bar. But note: even scammers can use HTTPS—so also verify the actual domain name.
- Be cautious of pop-ups or sites asking for too much information. Especially if they ask for PINs or passwords.
- Use security tools. Keep your antivirus and browser protection features up to date.
Remember
Your bank, employer, or any reputable institution will never ask for confidential information through unsolicited calls, texts, or emails. Always stop, think, and verify before responding.