Avoid Social Engineering Attacks

Social Engineering

In a social engineering attack, an attacker uses human interaction to manipulate a person into providing them with information. People have a natural tendency to trust. Social engineering attacks attempt to exploit this tendency to steal your information. Once the information has been stolen, it can be used to commit fraud or identity theft. 

Criminals use a variety of social engineering attacks to attempt to steal information, including: 

  • Website Spoofing
  • Phishing

The following sections explain the meaning of these common attacks and provide tips on how to avoid becoming a victim.

Website Spoofing

Website spoofing is the act of creating a fake website to mislead individuals into sharing sensitive information. Spoof websites are typically made to look exactly like a legitimate website published by a trusted organization. 

Prevention Tips:

  • Pay attention to websites' web addresses (URLs). A website may look legitimate, but the URL may vary in spelling or use a different domain.
  • If you are suspicious of a website, close it and contact the company directly.
  • Do not click links on social networking sites, pop-up windows, or non-trusted websites. Links can take you to a different website than their labels indicate. Typing an address in your browser is a safer alternative.
  • Only give sensitive information to websites using a secure connection. Verify the web address begins with "https://" (the "s" is for secure) rather than just "http://".
  • Avoid using websites when your browser displays certificate errors or warnings.

Phishing

Phishing is when an attacker attempts to acquire information by masquerading as a trustworthy entity in an electronic communication. Phishing messages often direct the recipient to a spoof website. Phishing attacks are typically carried out through email, instant messaging, telephone calls, and text messages (SMS). A specific example of Phishing, known as Business Email Compromise (BEC), has become increasingly popular among cyber criminals. 

Prevention Tips:

  • Delete email and text messages that ask you to confirm or provide sensitive information. Legitimate companies don't ask for sensitive information through email or text messages.
  • Beware of visiting website addresses sent to you in an unsolicited message.
  • Even if you feel the message is legitimate, type web addresses into your browser or use bookmarks instead of clicking links contained in messages.
  • Try to independently verify any details given in the message directly with the company.
  • Utilize anti-phishing features available in your email client and/or web browser.
  • Utilize an email SPAM filtering solution to help prevent phishing emails from being delivered.

Suspicious Activity

Monitoring your account activity regularly is a good way to detect fraudulent activity. If you notice unauthorized transactions on your account, notify First Liberty Bank immediately.

Additional Resources

To learn more about information security, visit any of the following websites:

If you notice any suspicious activity in your account, call First Liberty Bank immediately at 405-608-4500.

For more safety tips and to learn how to protect yourself from fraud, please visit our website's Security Tips page.

Learn more about our Digital Banking services.

Are you a Nonprofit? We have deposit accounts just for you