06-06-2024 15:27

Social engineering: Fraudsters’ super weapon

Fraudsters play on human emotions and use technical tools to trick victims into believing that they are interacting with credible sources. By understanding both the emotional and technological aspects of these scam methods, businesses and individuals can better protect themselves against these threats.
Online meeting

Social engineering, also known as social manipulation, has turned out to be fraudsters’ super weapon.  Today, it is used in practically all sophisticated fraud attacks. Fraudsters play on human emotions and use technical tools to trick victims into believing that they are interacting with credible sources. By understanding both the emotional and technological aspects of these scam methods, businesses and individuals can better protect themselves against these threats.

Social engineering exploits basic human feelings such as trust, fear, and the desire to help others to manipulate victims into performing certain actions or revealing confidential information. For example transferring money or disclosing passwords or other sensitive data. The fraudsters’ use of technological tools to reinforce their credibility makes them particularly dangerous.

Social engineering methods

  1. Spoofing: 
    Spoofing is a kind of manipulation where the fraudsters make it look like they are calling from a trustworthy phone number when in reality they are calling from a completely different number. That’s why it is always a good idea to interrupt the call if you have doubts about what is said in the conversation – and then call the company that the person claims to work for.  This way, you can make sure that you get in touch with the right company. 

    Spoofing can also occur in text messages and e-mails where the fraudsters create a fake sender name, such as the name of a well-known company. Our smartphones do not always sort and present messages by the number they come from but by their sender name. That’s how text messages from fraudsters who use a fake sender name can end up in the same message thread on your phone as a real text message from the actual company. 
     
  2. Emotional manipulation:
    • Urgency: Fraudsters often create a sense of urgency, forcing the victim to act quickly without sufficient thought.
    • Sympathy: By portraying themselves as someone in need or telling a touching story, fraudsters appeal to the victim’s compassion and desire to help.
    • Fear: Threats of negative consequences such as legal action or loss of money are used to push the victim to act.
  3. Technological tools:
    • Phishing: In phishing attacks fraudsters send e-mails or text messages that look authentic, complete with logos and language similar to what a real organisation would use.
    • Vishing (voice phishing): Vishing uses phone calls where fraudsters can use voice-modulating software to imitate voices or create a background sound that simulates a legitimate office environment.

How to protect you company against social engineering

  1. Education and training: Regular workshops can help employees recognise signs of manipulation and fraud.
     
  2. Multiple forms of verification: Introduce policies that require multiple forms of verification for sensitive transactions, especially if they are unusual or urgent.
     
  3. Technical security: Use advanced spam filters, up-to-date antivirus software and safe internet behaviour to reduce the risk of falling into the trap.
Fraud
Insights
After reading this article, is your perception of Nordea?