The Rise of Social Engineering Fraud

Fraudsters use social engineering tactics to succeed by tugging at the basic human instincts to please. These scams look to catch employees offguard, dupe you to comply with instructions from a malicious actor, and get you to act quickly.

Targeting the Weakest Link: Humans

One of the fastest-growing corporate crime threats does not exploit IT or information security weaknesses; instead, fraudsters are targeting the weakest link: humans. Social engineering fraud is the term used for a broad range of malicious activities accomplished through human interactions. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information. The four main ways in which social engineering occurs is by phishing, in which the hacker uses email to trick someone into giving them access to some kind of account, login, or financial information; vishing, which is the same but through voice, such as a phone call; impersonation, which is done on-site, through email, or text; and SMiShing, which occurs through SMS text message. What makes social engineering fraud especially dangerous is that it relies on mistakes made by legitimate users –like your employees using technology.