In this context, social engineering means to manipulate someone into doing what you want e.g. to type in login and password on a fake website so the scammer gets that information.
So, ‘social engineering’ is the methods used to trick people into doing what the scammers want.
It could be a phishing email asking you to urgently login in to your internet banking account or to call a support number as your computer has been infected with malware or a request from a company executive to urgently transfer money.
Generally, we prefer to trust people so if someone calls saying they are from your bank and they know your name and account – it’s easy to believe rather than to question everything. Maybe you answer their security questions and that gives them the details they need to access your account. It can be as simple and quick as that.
An Example Credit Card Payment Scam
A company selling telecom services receives an email from a possible new customer:
This is Bill, I have just moved into the area and I need a new phone line.
Do you accept payment by credit card?
What information do you need in order to quote for the work?
After a reply from the Telecoms Company confirming they do accept credit cards, , Bill’s next email sets up the conditions of the scam.
He’s in hospital waiting on an operation. Lots of description to make it clear he cannot take phone calls or speak to anyone and very much needs help. He describes what he wants fitted in each room and then describes the removal company that is helping him to move while he’s in hospital and they can let the telecoms company in to do a survey if needed.
The purpose of this is to set-up the Telecoms company to accept an over payment by credit card from Bill then pay the removals company, as they cannot accept credit card payment and Bill can’t pay them any other way while in hospital.
This story is complicated and relies on the kindness of the Telecoms company to take the money and pass it on but also on their desire for business.
The telecoms company agrees, takes the credit card payment and then pays the removals company as per the instructions. For example taking £1,000 for their work up front and £2,000 to pay to the removals company.
It all sounds quite safe, but then comes the sting.
The card was stolen but not cancelled straightaway and when the credit card company do cancel it then will claim the £3,000 back from the Telecoms Company who will end up out of pocket for the work they’ve done but also for the £2,000 paid to the removals company which was a fake operation.
That’s the credit card over payment scam
There are countless similar stories designed to get the punter to accept an over payment and it never ends well for the punter.
The stories are sometimes rough and have spelling and grammatical mistakes – to elicit sympathy for the scammer and at other times the stories have been polished by repeated use.
NEVER accept an over payment.
Do you have an opinion on this matter? Please comment in the box below.