What is a Social Engineering Attack?
Social engineering attacks are a type of cybercrime that involves manipulating individuals into divulging sensitive information or performing certain actions that benefit the attacker. This type of attack relies on human interaction and psychological manipulation rather than exploiting vulnerabilities in computer systems.
How Social Engineering Attacks Work
In a social engineering attack, an attacker may pose as a trustworthy individual, such as a new employee, repairperson, or researcher, and present fake credentials to gain your trust. They may then ask questions or request information, which can be used to compromise your personal data or gain access to your computer systems.
Types of Social Engineering
Click the items below to learn more about different types of social engineering attacks.
How Do You Avoid Being a Victim of Social Engineering?
- Be cautious with strangers: Don't give out personal, financial or other information to strangers, whether online or offline.
- Verify identities: Verify the identity of the person or organization requesting sensitive information before sharing it. If you are unsure if the caller if from Northfield Bank, hang up and call us directly at (833) 301-NFBK.
- Keep software up to date: Regularly update your computer, cell phone, other devices, software and browser to ensure you have the latest security patches and features.
- Use a reputable antivirus software: Install and regularly update reputable antivirus software to protect your device from malware and viruses.
- Use strong passwords: Use strong, unique passwords for all accounts, and avoid using the same password for multiple accounts.
- Be wary of suspicious links and attachments: Avoid clicking on links or opening attachments from unknown sources, as they may contain malware or viruses.
- Use two-factor authentication: Enable two-factor authentication (2FA) on your accounts to add an extra layer of security.
- Don't give out sensitive information over the phone: Be cautious with phone calls from unknown numbers, and don't give out personal or financial information over the phone unless you're certain it's a legitimate call.
- Do not allow anyone to remote access into your device: Attackers masquerade as Microsoft, Dell, HP and other vendors saying you have a virus and they need to access your computer remotely. Do not allow them. If you your device is acting weird, take it to your local service shop for diagnosis.
- Be wary of services that ask you to pay in cash, gift cards or in crypto currency. Legitimate services accept credit card payments. If a transaction is fraudulent, these transactions could be reversed. For transactions paid in cash, gift cards or cryptocurrency cannot be reversed.
- Communicate with your bank representative. If you feel you are being extorted or strong armed, contact us immediately. Extortionists can often listen to conversations between the victim and bank representatives, so write a note pass it along to the bank representative.
- Be cautious of public Wi-Fi: Public Wi-Fi networks can be vulnerable to hacking, so be cautious when using them and avoid accessing sensitive information or making financial transactions while connected to a public network.
- Monitor your credit report: You can request a free credit report from each of the three major credit reporting agencies (Experian, TransUnion, and Equifax) once a year, and review it for any suspicious activity.