Social engineering:
A peek behind the curtain

Take the quiz!

Cyber criminals often use human psychology and the art of manipulation to scare, confuse or rush you into opening a malicious link or attachment or into providing personal information through a process known as “social engineering.”

Social engineering tactics exploit our basic human urge to respond to urgent requests (especially requests from a person of authority), make a problem go away, or simply to be helpful to lure us into giving away information that can be used to commit financial fraud.

Major events such as public health emergencies, natural disasters and high‑profile elections, or even common occurrences such as the tax and holiday seasons, present ideal opportunities for fraudsters to take advantage of our anxiety and curiosity.

Often, but not always, criminals will also try to scare us into acting, by threatening us with consequences if we don’t respond.

Stay in the know!

The CBA publishes a regular Fraud Prevention Tip email newsletter. Sign up to learn about the latest frauds and scams.

How much do you know?

You receive a text with an offer for a lucrative job opportunity. You’ve been looking for a job recently, so it makes sense you’d get this text and this offer sounds great! You don’t need to worry that this is a scam.

Actually, that's incorrect.

That's right!

CBA Resources

1. How to identify and avoid social engineering cyber attacks

how to spot phishing scam

2. Teach your kids how to avoid online scams

how to spot phishing scam

3. Online employment and job scams - how to recognize the red flags

how to spot phishing scam

What banks are doing to protect you from frauds and scams

Banks take extensive steps to protect your money and personal information and provide a wide range of fraud prevention information for customers. It is important to remember that fraudulent e-mails, voicemails and texts sent out by criminals may look and sound like they come from banks or retailers, but they are scams and should be reported to the company being spoofed and deleted.

To report a fraudulent email, be sure to send the email as an attachment.