What is Social Engineering
Social engineering happens when scammers trick people into trusting them to gain access to personal or financial information.
Stop Social Engineering Scams! How To Safeguard Your Personal Information Online
With modern technology, we are more interconnected than ever before. While this offers immense opportunities for nearly instantaneous communication all over the world, it can also leave us open to social engineering scams.
These scams come in a variety of shapes and sizes, but their primary goal is to manipulate people into giving away personal information that can be used for fraudulent purposes, whether that’s identity theft or system access. Internet users of all ages should be aware of social engineering as scammers continue to become more sophisticated—and harder to spot!
You’ve probably already encountered one of these attempts. Maybe an email claimed you won a large sum of money, but you need to send in a small “processing fee.” Or a phone call that looks like it’s from an official number tells you there’s a problem with your account. These are both examples of social engineering.
Understanding Social Engineering Works
Unlike traditional hacking that takes advantage of security vulnerabilities, social engineering exploits human nature and emotions. By preying on fear, excitement, or urgency, scammers can trick you into giving up personal data.
Take that email, for example. The natural first response when someone says, “You’ve won!” is excitement. A calmer, second reaction would be to wonder, “Did I sign up for any contests?” Scammers are relying on that first burst of emotion to override your caution, which is the entire point of social engineering.
Common Social Engineering Scams to Watch for
Social engineering scams come in many forms, but they are all designed with one purpose in mind: to manipulate victims into actions that are against their best interests. Here are some the most common tactics to watch out for.
- Phishing: Emails that look legitimate but ask for personal information or link to fake websites
- Smishing: Scam text messages urging you to click a link or call a number
- Vishing (phone scams): Calls that appear to come from trusted sources, including banks or utilities
- Imposter scams: Someone posing as a charity, company, or trusted organization
- Pretext calls: Scammers pretending to need information to “fix” a problem
- Baiting: Offers or items designed to spark curiosity (like a found USB drive)
- Quid pro quo scams: Requests for information or access in exchange for a benefit, job, or service
How to Protect Yourself
- Be cautious: Never share personal or account information during unsolicited calls, texts, or emails
- Verify independently: Contact organizations using official phone numbers or websites you trust
- Think before you click: Avoid links or attachments unless you’re certain of the source
- Limit what you share online: Scammers often use social media details to sound convincing
- Talk about scams: Educate family members, especially teens and seniors
- Keep devices updated: Software updates help protect against malware and security threats
What NESC Will Never Ask For
NESC Credit Union will never contact you unexpectedly to ask for:
- Your full account number
- Your online or mobile banking password
- Your PIN or one-time security codes
- Requests to move money, withdraw cash, or convert funds to cryptocurrency
If you’re ever asked for this information, stop and contact us directly.
When in Doubt, Call Us
If a call, text, or email claiming to be from NESC doesn’t feel right, trust your instincts. Contact us directly using the phone number on the back of your card or on our website — our team is always happy to help confirm what’s legitimate.