Social engineering scam

Understanding social engineering scam

A social engineering scam is a fraudulent technique that relies on counterfeiting the identity of others. Fraudsters attempt to win your trust with powerful social skills, and trick you into voluntarily handing over confidential personal information or money by scaring or exciting you with different lies. They usually use fake phone calls, emails, web pages and mobile applications, and pose as your relatives / friends or as officials from trusted organisations, such as bank staff, telecommunications company staff, and even government agency staff and law enforcement officers (mainly local and mainland). In general, they conduct their fraudulent activities through the 5 methods below:

  • Fraudsters may spread fraudulent information everywhere and use it as bait for potential victims. For example, they may post advertisements on social media promoting investment products in the name of a celebrity who will share investment "secrets" with you, and eventually ask you to disclose personal information such as credit card information over the internet or the phone
  • Fraudsters may post recruitment advertisements on social media, claiming to offer attractive remuneration with no working experience required, and induce job seekers to apply for loan facilities at banks or financial institutions. They will finally disappear after collecting the full outstanding amount, or even use the personal information obtained to apply for further loans at other institutions
  • Fraudsters may target someone very specifically. For example, they may create fake social media accounts and communicate with you over a period of time to win your trust, and then ask for money, or study your social media posts carefully to understand your preferences, work and social circles, and then create an intimacy that puts you at ease and makes it easier to trick you into taking the bait
  • Fraudsters may steal other people's instant messaging app accounts and send messages to the contacts in the address book requesting money. Victims generally follow the fraudsters’ instructions because they believe such messages were obviously sent by their relatives or friends
  • Fraudsters may pose as law enforcement officers and claim that you or your relatives are involved in a serious criminal case (for example, unusual activities identified under your registered mainland phone number, involvement in tax evasion, unusual travel records, etc.). They then request that you provide sensitive information for self-defence, or even make a deposit into a designated account to prove a clear conscience

Preventing social engineering scam

To safeguard your interests, please consider adopting the measures below to avoid falling victim to social engineering scams:

  • Try not to share too much personal information on social media
  • Do not readily disclose or send personal and account information (especially usernames and passwords). Bank staff and law enforcement officers never request such information. Avoid disclosing or sending such information even to persons whose identities you know, as their mobile phones may be stolen by fraudsters, and your sensitive information along with them
  • Always be alert and stay calm. Hang up and seek legal advice even if the case described by the caller sounds genuine
  • Never readily click pictures or links sent by a suspicious sender
  • Understand all the privacy and security settings of your instant messaging apps and social media, and ensure appropriate settings are in place
  • Use the latest versions of messaging apps and social media applications
  • If your “relatives or friends” say things they do not normally say, or request something that does not feel right to you, be aware and verify their identities by asking about something known only to you and your true relatives / friends
  • Use 2-step verification or biometric authentication to enhance the security of your accounts