bov-logo
Log in
HeroImage

SPOT THE SCAM

Frequent bank impersonation scams

Social engineering scams are increasing. Fraudsters pretend to be your bank via calls or texts. They try to trick you into sharing personal and sensitive information. Learn how these psychological tactics exploit urgency and trust to steal your money and personal data.

Hackers and Scammers nowadays can make their calls and text messages appear to come from your bank. They can send you text messages that appear authentic when compared to other messages.

We have previously highlighted some common bank impersonation scams. Here we are going to outline a few others that scammers use through Social Engineering tactics.


Social Engineering

Scammers use psychological tricks to manipulate victims into revealing sensitive information or carry out actions that benefit the scammer. Different types of Social Engineering exist.

They create a narrative that sounds genuine enough for you to act swiftly. The urgency in tone or the wording may convince you to click a link to verify your account or make an instant payment. They can also ask you to transfer money to an account ‘to keep it safe from other scams circulating around’.


Tactics used by cyber criminals

Here are a few ways scammers can trick their victims through Social Engineering.


Pretending to be a credible brand or an authority figure

Scammers often pretend to be organisations that victims know and trust. As a result, victims follow instructions from these brands or agencies without being careful.
Some scammers can make fake websites that look just like those of large brands or agencies.


Prompting a sense of fear or urgency

People tend to react excessively when in a fearful situation or one that requires immediate attention. Social engineering can appeal to the victims’ fear of missing out and can create a sense of panic.

Informing the victim that a virus has infected their computer creates a sense of urgency and stress.


Additionally, saying that a recent payment has not gone through can also lead to urgency. This kind of scamming is called Baiting.


Appealing to quick money-making schemes


Social engineering makes use of people’s wish to make quick money. Scammers ask for a small advance fee or bank account information in exchange for a huge financial reward.
They can use social media to sell a fake investment. They usually do this by using the name of a trusted authority or company. This is called a Quid Pro Quo attack, which involves an exchange or trade.
A few years ago, a fake investment company pretending to be Microsoft tricked people into ‘buying’ fake crypto schemes. In return, the victims gave away their financial information.


Attracting people’s curiosity or helpfulness

Social engineering tricks can also appeal to people’s good intentions. A message from a friend or someone in need asking for help could request you to take a survey or include a fake bank link. This could also be a pretext for malware download.

How to avoid Social Engineering scams


Verify contacts
You can protect yourself against most phishing emails by verifying they are from trusted senders.
You can do this by:
bullet-item
Hovering over the domain name in the email address. This is the part after the @ symbol in the title.
bullet-item
Look out for any grammar mistakes, misspellings, or typos.
bullet-item
Copy the domain name in the search engine to check if it’s legitimate.


Look out for website certification
You can check if a website is secure without clicking on a link. Secure URLs start with an ‘HTTPS’ instead of ‘HTTP.’ If a website raises your suspicions, avoid clicking on it. Click instead on the padlock icon near the address bar, and it will show if the site has an SSL certificate.


Avoid tempting offers
Be wary of any deal that looks too good to be true! Ask yourself: Is the sender benefitting from it in any way? The golden rule is: if you’re not paying, you’re the victim or the product.


Implement two-factor or multi-factor authentication
Two-factor or multi-factor authentication require users to provide different sources of data to access system. A user might need to enter a code via email or SMS along with a password to access a website.
This makes it much harder for scammers to access any system because the process becomes too multi-layered for them.


Create strong and complex passwords

Complex and difficult passwords prevent scammers from accessing personal details and confidential information through easy guesswork. Do not include the names of your pets, hometown, schools, or anything else that can easily identify you.
Complicate your password by adding numbers, capital letters and symbols.


Conclusion

Social engineering is a means by which scammers can gain access to sensitive information through tricks and deceptive measures.
Some of these measures include acting like a trusted brand or authority. They create fear or urgency. They also appeal to people's desire to make quick money and spark curiosity.
You can avoid some scams by checking contacts and looking for website certification. Be careful of offers that seem too good to be true. Use two-factor or multi-factor authentication. Also, create strong and complex passwords.