Social Engineering: How Cybercriminals Exploit Human Behaviour Online

Internet connectivity continues to grow worldwide, and with it, the number of cyberattacks and their victims. According to Statista’s last study, in 2023 there were over 1.5 million data breach cases in the UK alone.

In fact this is such a concern that, for a few years now, the UK government has poured a ton of money into training staff to be aware of hackers’ tactics. For everyone else, this article will delve a bit into the tactics employed by cyber criminals to trick people.

Unmasking Social Engineering Tactics and Deceptive Strategies

Social engineering is a tactic often used by cybercriminals to manipulate people and convince them to give up personal details, download malicious software or visit unsafe websites.

Unlike other cyberattacks, social engineering focuses more on the psychological aspect, often exploiting victims’ loneliness, greed, fear and other emotions. This is why it’s important to be educated and aware of how to avoid these attacks.

These kinds of attacks date all the way back to the 90s, with infamous scams like the “Nigerian Prince” often convincing victims to send money or their credit card information.

Of course, over the years, these schemes became widely known, forcing criminals to up their game. Nowadays, social engineering goes from impersonating companies to creating false accounts on social media to sweet-talk other users and steal their details.

Educating Users on Social Engineering Risks

Details like birthdates, full names or phone numbers may initially seem irrelevant. But many cybercriminals can use them to access emails, bank accounts or even the servers of government institutions like the HMRC.

Once the thief has the victim’s details, they can sell them to data brokers, or use them to ask customer support to change the user password or email linked to the account, effectively stealing it from the owner.

Some may even go further and use the stolen information to impersonate the victim and trick their affiliates, who wouldn’t suspect anything coming from a friend or colleague.

Cybercriminals might even sneak into a company to hack its servers. One of the most infamous examples of this happened in 2014 when Sony Pictures was a victim of a phishing attack that cost them millions.

Staying Vigilant: Tips to Recognize and Thwart Social Engineering Attempts

Social media is useful for connecting with others and making new friends. However, it’s important to be careful and take some precautions to avoid becoming a victim of social engineering.

First and foremost, users should always change their account settings to restrict who can view their personal details or photos so they don’t get stolen or used to make false accounts.

Data broker companies can also help protect users’ information, erasing it from the servers of multiple websites and preventing it from falling into the wrong hands.

Of course, changing these settings won’t help if users accept requests from strangers; that’s why users should add people they know in real life or at least get referrals from their friends.

Those who want to meet new people should be careful at all times and avoid sharing details of their work or everyday routine with others, as this information could be easily used to impersonate them.