Social engineering – they know what you’re thinking

By Mark Molzen

Social engineering is the practice of manipulating people to obtain confidential information to commit fraud. A social engineer will commonly use the telephone or Internet to trick people into revealing sensitive information. They will collect basic pieces of information and then use these seemingly insignificant pieces of data to appear “credible.” This allows them to gather increasingly substantial information.

Recognizing the characteristics

Be aware of the methods used for social engineering:
• Phone solicitation: caller fakes a survey to collect information.
• Phishing: e-mails seeking information or validation of e-mail address.
• Spam: e-mails that contain malicious software, such as worms or viruses.
• Dumpster diving: thieves looking for sensitive information in the trash.

Recognizing the signs

Here are some signs that you may have a social engineer on the phone. The caller:
• Refuses to give their contact information.
• Rushes you for quicker responses.
• Name-drops.
• Intimidates you.
• Speaks in a muffled or difficult-to-understand voice.

What do I do?

If you suspect that you have a social engineer on the phone, hang up without offering personal information. Call the company’s corporate headquarters and ask to speak to a supervisor to try and verify that the person who called you is, in fact, a representative of the company.

For additional tips on Internet security, visit:

Leave a comment