As technology becomes more sophisticated, so too do cyberattacks and, as a result, digital fraud. More and more of our personal data now lives online, potentially opening you up to cybercriminals gaining access to information that can compromise your finances.
But even if you’re protective over your sensitive information, cybercriminals are now using complex exploitation techniques, often referred to as “social engineering,” to trick you into handing over your details to enable them to commit fraud against you.
The best way to keep your most personal data protected and stay alert to social engineering schemes is to be aware of what to look for when interacting with people you’re not familiar with or just recently met.
What is social engineering and how does it contribute to fraudulent attacks?
Social engineering attacks are a specific type of digital or cybercrime where hackers and cybercriminals deceive their victims using psychological tactics to trick them into revealing sensitive personal data. The scammers prey on basic human psychological needs, such as a willingness to help or the fear of repercussions if not completing a task, making it easier for them to manipulate their targets.
The goal of a social engineer is to get the victim to trust them and believe they’re a genuine person asking for this information for a legitimate reason. They often do this by posing as someone you should trust or an authoritative figure such as a bank or government official. Once the criminals have the information they’re after, they can use these details to take their money, apply for loans while pretending to be the victim, or even take their social security or other government benefits.
Social engineering attacks are different to those of other hackers who may try to infect a digital device with a virus or use a brute force attack to hack into a wider digital system and steal the data within this. Instead, these criminals target victims directly and trick them into giving over their information willingly.
The anatomy of a social engineering scam
With most social engineering attacks, the cybercriminal will be focused on one particular target. This likely comes after research into a possible victim and who would likely be considered an easily manipulated individual. Victims can be selected through a process known as spear phishing, where information is gathered about a victim via public records.
Criminals may also use public social media profiles to target victims, which is why it’s always important to be careful about the information you choose to share online. For instance, if a scammer targets an older victim and finds out that they have teenage grandchildren, they could use emotional manipulation tactics by posing as one of the grandchildren and asking the victim for money.
Once the scammer has chosen their target and researched them, they’ll typically reach out with some form of harmless communication like a text or email, but build in some form of urgent need. If posing as the victim’s loved one, the scammer will likely be more susceptible and follow the directions of the scammer to hand over details like a social security number, other personal details, or monetary aid in a form that can’t be returned or disputed like a cashier’s check.
Typically, there’s a sense of dire need for this information or money to create panic in the victim and leave them with little time to think through what’s being requested of them. If the scammer is successful, they will then attempt to cover their tracks by deleting email addresses, canceling the temporary phone number, or removing their social media profiles.
Types of social engineering attacks
Social engineering scams can come in many forms, but some are more common than others:
- Phishing. This can happen via either email or text message, as it doesn’t require the scammer to physically speak to their victim, which is especially important if they’re pretending to be a loved one. These messages can be sent over time to gradually build trust, making the victim more likely to agree to their requests.
- Pretexting. A form of phishing, this is where victims are sent text scams directly to their devices. Victims may receive messages where scammers pretend to be a bank or government agency, where the victim fears some form of financial repercussion if they don’t comply.
- Vishing. Voice phishing or vishing is where attackers leave messages or make phone calls pretending to be an official from a financial institution, government agency, or even something more personal like the victim’s work in order to gain information from them.
Social engineering fraud red flags to watch out for
The best way to be proactive about fraud prevention is to understand what to look for when it comes to social engineering scams.
Unusual urgent requests
If you receive a message requesting something urgent like an overnight postal delivery, a cashier’s check, cash, or gift cards, this is a strong indication that a social engineering scam is happening. This is particularly the case if there’s a sense of urgency behind the request, or if the request is coming to you by email, text, or voicemail.
Unrecognizable contact information
If someone you know is trying to reach out to you, they’ll likely contact you via a phone number or email that you’re familiar with. Look out for any forms of communication that look suspicious, or are from contact details that you don’t recognize.
Check your own records in your phone and compare them against the number or email you’re receiving a message from. If these don’t match, reach out to your loved one to confirm if they have new details, as this is likely a scam if not.
For any emails that are reportedly from a business or government agency, compare the address with the URL of an official website to ensure they’re a match. Remember that official places like banks and government agencies will never reach out to you for financial requests or personal details via text or email.
Inconsistent visual signals
Always look at the body of an email itself and check to see if branding is consistent with the business that you’re familiar with. Also look for spelling and grammar errors, or if the visuals are slightly off. If they are, go to the website directly and look for any information or update your accounts via the website. Never click on any of the links within suspicious emails.
What to do if you’ve been a victim of social engineering
Whether you’ve gone through with a scammer’s requests or you’re simply suspicious that a scammer is trying to manipulate you, you need to take action as quickly as possible.
If you notice suspicious activity or suspect you’ve fallen victim to fraud impacting your ANB account(s), contact your banker or our support team immediately.
- Treasury Services Support: 833-774-6897 or [email protected]
- Personal Banking Client Support: 800-279-0007 or [email protected]
Contact your local law enforcement agency and report the issue to the Internet Crime Complaint Center branch of the FBI. You can file a complaint online directly with this agency, as they’re specifically equipped to deal with these types of issues. There are also resources on their website where you can learn more about different types of cybercrime and how you can keep your most important data protected from criminals online.
Recent Updates
-
10.15.2025 | Business BankingProtecting your company from business payment fraud
One hard truth of business is that scammers are always on the prowl. For them, your hard work is their...
-
07.10.2025 | Business BankingHow to protect business deposits that exceed FDIC limits with ICS and CDARS
Gain FDIC protection for balances above 250K through ICS and CDARS If your business is growing and your deposits now...
-
04.19.2025 | Business BankingLoan options for first-time franchise owners in Omaha and the Twin Cities: A complete guide
Franchises offer a unique business opportunity for first-time owners, especially in growing metro areas like Omaha or Lincoln, Nebraska; Council...
