Information Overview

Social engineering is the act of making people perform actions or divulge confidential information using trickery and impersonation, rather than technical skills and hacking. More Details

Things To Watch For

  • Unsolicited emails or phone calls
  • Poor 'sppelling' and grammar 'yno', particularly in emails.
  • Website links, or a caller giving you a number to call them back on to verify their identity.
  • Requests for passwords, PINs or other personal information.
  • Requests for information that you would reasonably expect the caller to have if they are who they say they are (e.g. somebody from the bank asking for your account number).
  • Threats of dire consequences if you don't provide the information.
  • What you can do to protect yourself

  • For emails, contact the organisation directly by phone to confirm if the email is genuine. Do not use any contact details provide in the email: use your normal contact details for them.
  • For phone calls, take the caller's details (name, department, location) and again, contact the organisation by phone to verify. As above, do not use any contact details provided by the caller.