You may have heard about computer viruses, malware, and other ways the devices you connect to the internet can be infected. But cyber criminals use psychology, too. They use many ways of creating believable stories that can trick people into doing risky things online, such as:
Clicking on bad links, sending money to people they don’t know, or revealing personal information that can be used in other cyber crimes.
[Visual: Employees at small businesses, at home and at work, reading professional emails that contain requests to connect, or ask for changes in how a vendor is paid.]
This type of scamming is known as “social engineering.” Social engineering can happen through email, on social media sites, texts, phone calls, or even a combination of them all.
[Visual: People visiting professional and social media sites, and receiving an unsolicited phone call from someone who claims to know them or someone they are familiar with.]
But however it happens, cyber criminals depend on convincing a person that they’re honest and who they say they are.
To do that, a criminal will try to get you to believe they’re friendly, or someone in authority you can trust.
How would this work? It might be as simple as criminals sending you an email during a public health crisis, or financial emergency.
The email may contain instructions to click on a link for more information, or to fill out a form.
These scammers are counting on a few people who are worried about the crisis to make a quick decision, follow their instructions and reveal personal information or passwords to their accounts.
[Visual: People at work and at home during an event when normal routines are disrupted, such as a public health crisis, when online communications become even more important as a means to stay connected and informed.]
Other cyber criminals may watch social media platforms over time to learn personal details about people.
They will look for clues about where they live, who they socialize with and what groups they belong to.
[Visual: Accelerated video of Grand Central Station during normal operation, followed by a woman’s hands holding a cell phone.]
These scammers then might reach out as a person with similar interests or friends in common.
They may also pretend to be administrators from companies whose products you use or where you have an account.
They may inform you there is a problem and they need your account information or credit card number to resolve it. But in fact, there is no problem. The ‘administrator’ is a criminal, who is after your credit card number and security code.
[Visual: A red brick walls dividing two pillars disappears, providing visual access to payment information, which represents a cyber criminal breaking down an employee’s defenses through social engineering.]
So how can you stay alert to possible social engineering scams?
[Visual: Man at work considering whether a communication he has just received is from a legitimate colleague or professional contact.]
These habits can help keep your online activity and personal information safe from cyber criminals:
[Visual: ‘These habits can help keep your online activity and personal information safe from cyber criminals’ appears over a square with a red head and shoulders, representing a cyber criminal, and a circle with another icon at the center and a red lock in a shield, representing a person with an online presence who may be the criminals’ target.]
One: Stop and think. These criminals depend on our natural desire to trust and help others without thinking things through. Look carefully at any emails from seemingly authoritative sources. If they have spelling errors, unusual word usage or don’t look like you’d expect, be very cautious.
[Visual: ‘1. Stop and think’ appears above graphics in which the red icon of the cyber criminal shifts onto an email, which is reviewed under a magnifying glass to represent careful review of unusual communications.]
Two: No matter how normal the communication seems, do not send payment or payment information to a person you’ve met online.
[Visual: ‘2. Do not send payment or payment information to a person you’ve met online’ appears above the red and grey icons of the cyber criminal and their target, with two laptops and an x-marked credit card between them, representing the danger of sending payment to people we do not know.]
Three: Think carefully before you post personal information online.
Check your privacy settings: Don’t keep your accounts in ‘public’ mode unless it’s necessary.
Social engineering scams succeed when we’re careless about what we share online and who we share it with.
[Visual: ‘3. Think carefully before you post personal information online’ appears above a representation of privacy settings in a social media account being taken out of ‘public mode.]
By staying alert, we can continue to explore and share while staying safe.
[Visual: Two people who understand social engineering threats are able to use social media and work emails with confidence.]
[Visual: Bank of America logo]
Better Money Habits®
The material provided on this video is for informational use only and is not intended for financial or investment advice. Bank of America Corporation and/or its affiliates assume no liability for any loss or damages resulting from one’s reliance on the material provided. Please also note that such material is not updated regularly and that some of the information may not therefore be current. Consult with your own financial professional when making decisions regarding your financial or investment management. Ⓒ 2021 Bank of America Corporation.