In the realm of cybersecurity, the term "social engineering" has become a notorious player, representing a crafty form of manipulation employed by fraudsters and scammers.
This method bypasses technical defences, relying instead on psychological tactics to exploit human vulnerabilities.
In this post, we'll delve into what social engineering is and how it manifests, with a spotlight on a rising threat—Vishing—and the use of advanced technologies like AI to enhance deception.
Understanding Social Engineering
What is Social Engineering? Social engineering is a strategic manipulation technique used by cyber attackers to exploit human psychology and extract sensitive information or manipulate individuals into performing actions that compromise security.
How Does it Work? Instead of targeting technical vulnerabilities, social engineering leverages human tendencies like trust, curiosity, and a willingness to help. Fraudsters craft scenarios or use deceptive tactics to manipulate individuals into divulging confidential information or taking actions that benefit the attacker.
Enter Vishing: A Vocal Deception
What is Vishing? Vishing, or voice phishing, is a subset of social engineering that capitalizes on human trust through phone calls. Scammers use persuasive tactics and voice manipulation to deceive individuals into revealing sensitive information or performing actions against their best interests.
The Rise of Vishing: Vishing has surged in popularity due to its direct and personal approach. Attackers often pose as trusted entities, creating a false sense of urgency or emergency to prompt victims into quick actions. Due to developments in AI technology some scammers have gone as far as using “voice-cloning” to imitate the voices of trusted people who know.
Verifying Calls and Texts
- Don't Assume Trust:
- If a call or text seems out of character, from a number you don’t recognise or someone requests money unexpectedly, verify this independently. Scammers may use familiar names to deceive.
- Verify Urgent Requests:
- If a "family member" urgently requests money or sensitive information or “your bank” gets in touch to say your account has been hacked and your money is in jeopardy, independently confirm the identity and number. Scammers often exploit urgency to catch victims off guard and can be very convincing.
- Report Suspicious Activity:
- Report any suspicious calls or texts to Action Fraud or other relevant authorities and financial institutions.
- Report any suspicious calls or texts to Action Fraud or other relevant authorities and financial institutions.
It's National Student Money Week (4 to 8 March 2024) and this year's theme is ‘Less Risk, More Reward: Maintaining your Financial Wellbeing at University’.
Your Student Financial Support team have compiled a selection of resources and advice to support you, particularly to help you be vigilant of scams and fraud.