Social Engineering
Rev. 9-2025
What is Social Engineering?
Social engineering is any attempt to trick you into giving confidential information or performing actions you should not.
It can be carried out through:
- Phone calls
- Regular mail
- In person
- Online platforms
Best Practices to Protect Yourself
- Know beyond a shadow of a doubt who you are dealing with.
- Watch for Red Flags in all correspondence:
  - Does it instill fear or concern?
  - Does it prey on greed?
  - Does it invoke curiosity and take advantage of real-life events?
  - Does it prey on emotions?

  Tip: If any of these are present, stop immediately and verify using an alternate method.
- Never accept unsolicited help on your computer, including:
  - Pop-ups
  - Phone calls
  - Emails
  - Text messages
Email is still the most common method used to trick you.
Email Red Flags
- Is it an unexpected email?
- Did you provide the sender your email?
- Is it personalized or generic?
- Are there typos, misspellings, or inconsistent fonts?
- Is the information accurate (e.g., names, account numbers)?
- Does the email make sense and flow logically?
- Was the email sent to multiple recipients?
Action: If you have any concerns, call the sender directly using a verified contact method to confirm legitimacy.
Additional Notes
- Be aware that social engineering scams are increasingly AI-generated, including emails, texts, and even phone calls that mimic real people.
- Always pause, evaluate, and verify before sharing information or taking action.