Two Common Types of Social Engineering Scams
For the past 30 years, Charles C. Fawcett IV has served as an executive in the finance and banking industries. Serving as the president of private banking at Tri State Capital, one of the largest private banks in Pittsburgh, Charles C. Fawcett IV has co-authored white papers on reducing social engineering risks through improved data security and staff training. Social engineering refers to the attempt to steal sensitive data by exploiting human vulnerabilities. One form of social engineering is called phishing, which is when a person receives a fraudulent email that appears to come from a trustworthy source. The phishing email typically contains a link to a website where they are asked to sign-in to address a problem with their account, but it actually is a fake website. After the person enters their logon information, the hacker has gained access to sensitive information like passwords and account details. Vishing, or “voice phishing,” is another form of social engineering that happens over the telephone. Victims of these attacks receive a phone call from someone claiming to work for a bank or other entity that the person is familiar with. Sometimes, vishers even use a technique called caller ID spoofing to make it appear as though the call is coming from a legitimate source. Providing training to prepare employees and clients for these types of scams can help reduce their effectiveness.













