Social engineering

What social engineering
attacks are and how
to avoid them

What a social engineering scam is

A social engineering scam is when a hacker tries to trick you into giving over personal information about yourself, such as your login details or passcode for Digital Banking.

Common types of social engineering attacks

Fraudsters might try and contact you via telephone, email, text or even through social media. Criminals will use social engineering to exploit your natural human inclination to trust other people.


Telephone fraud

Telephone fraud is one of the most popular methods of fraud. Here's some help to stop you being a victim


Text message fraud

Is when a fraudster sends a text message to try and trick you into giving away your personal and security information.


Email fraud

It's when you get emails pretending to be from legitimate sources, but they’re asking you to give away personal or private information.

Other types

Some fraudsters will hack into an account, and then contact the victim’s friends pretending to be them or you may receieve an email or text message from an institution asking you to confirm your identity by handing over your card details. 

Perhaps you’ve seen a deal for a free watch from a new company or someone offering you a service for next to nothing. More often than not this will be a social engineering scam. The scammers are appealing to people’s interest in a bargain or free item. They will often ask you to put in your bank details in order to get the item, but the item will never arrive.

Some hackers will imitate a popular company and send out an email or give you a call asking if you would like more from them. For example, a hacker pretending to be a software company you use might email you asking if you would like the speed of your computer to improve. Once you agree they will ask you to authenticate who you are by giving them your details.

How to avoid social engineering fraud

Thankfully, it’s often fairly simple to spot a social engineering attack email or text message. There’s a few simple things you can look out for:

  1. 1

    Is everything spelt correctly and are you addressed by your name? Often fraudulent messages will have spelling and grammar errors and won’t address you correctly.

  2. 2

    Is what they are offering too good to be true? If it seems that way, then it probably is.

  3. 3

    Don’t download any attachments or click on any links, unless it is from someone you know and you were expecting it from them.

  4. 4

    Make sure your computer or laptop and antivirus software is up to date. If you do receive a fraudulent email, this will make sure your computer is protected if you do accidentally download an attachment with a virus.

  5. 5

    If you receive anything unexpected asking for your passwords or financial information, it is most likely a scam. If it appears to be from a friend or a company you know, give them a call to check if it was actually from them.

Something else we can help you with?