Protect yourself from social engineering attacks

What to do

Stop and think before sharing information with someone, could it be a social engineering attempt?

Be aware that scammers will use a range of social engineering techniques to try and get information from you.

No one is too small to be a target.

How to do it

Social engineering relies on manipulation tactics to get you to act before thinking. When you know what to look out for, it’s easier to know what to do next.

Here are some ways you can spot social engineering attacks:

• Is a message or call unsolicited?
• Are they asking for something out of the ordinary?
• Is the person trying to apply pressure to make you act immediately?

Examples of social engineering methods:

• Receiving an unsolicited email, call or message from someone who claims to be from the Monash Service Desk asking you to reset your password and provide it to them directly.
• Receiving an email from someone claiming to be from your bank asking for personal information, such as your account number, password or PIN code.
• Being asked for information about Monash or your details by someone claiming to be from HR.
• Receiving a LinkedIn message offering you career advancement, research or collaboration opportunities.

The more information attackers have about you the more convincing they can be. Read the secure your social media accounts section below for further information on keeping your personal information safe.

Why it matters

Social engineering is one of the most common techniques used by cyber criminals and scammers.