Social Engineering
Social engineering is the art of manipulating people via phone calls, SMS and emails so they reveal confidential information. The criminals are usually trying to trick you into giving them your passwords or bank account information, or access your computer to secretly install malicious software–that will give them control over your computer. And then use this information in illegal activities such as committing fraud, gaining unauthorized access to systems, etc.
Always be suspicious of spontaneous phone calls or emails from individuals pretending to be from the organization you are dealing or making business with and requesting personal or confidential information. Verify their identity first by contacting their organization directly.
How to identify a Social Engineering attack
- Getting an SMS, Email or a phone call from an anonymous user pretending to represent LGB BANK, requesting a reply with your online credentials.
- Impersonating the email account of your Bank in order to trick you into giving up some personal information updates (credit card, personal or financial information).
Using different approaches and tactics that rely on influence, confidence, help & Support, intimidation, etc….
Do and Don’ts
- Do not use the same email used for your banking transactions for social media accounts.
- Do notbe influenced by the attackers’ attitude and do not take what you are told for granted. Always verify the identity of the requester and his/her authority to have the information.
- Don’t give any financial information to unknown people over phone or via email.
- Confirm the identity of the person whom you are speaking to and cross check with the bank before giving any information through the formal channels.
- Don’t leave any confidential papers into trash; before dumping, make sure you don’t have any important information in it otherwise you need to shred it.
What you should do if you are the victim of Social Engineering?
If you suspect you are a victim of Social Engineering attacks, immediately report the incident to LGB BANK’s Information Security Department/ or your branch manager.
Changing your e-banking User ID and Password might be required depending on the nature of the information you revealed.