Skip to main content

Are you a legal professional? Visit our professional site

Search for legal issues
For help near (city, ZIP code or county)
Please enter a legal issue and/or a location

Tips for Handling Phishing, Social Engineering Scams

Article Placeholder Image
By Jonathan R. Tung, Esq. on August 04, 2016 3:54 PM

The con has been on this earth longer than civilization. It seems that somewhere, somehow, someone is trying to pull a fast one on someone else. Cons, scams and schemes come in all sorts of shapes and sizes: "snake oil,", Ponzi schemes, political promises.

Those still exist, but the latest digital scams are getting fancier, more sophisticated and more prolific. Here are a few tips that will help you dodge them.

Social Engineering, Phishing, and Pretexting

Social engineering scams work off of the psychological bias we all have to trust one another either because of societal norms or because of laziness. They involve manipulating people so that they give up cash or sensitive information. An African prince needs your bank account to help hide some money, for example, or someone claiming to be your grandchild needs access to your Social Security Number. Social engineering is effective -- and it costs the system lots.

One common social engineer scam is phishing. Phishing begins when someone sends you an email from a domain that looks like it came from a trusted source, but didn't. The pretext is for recipients to send money or information back to the fraudster. Unfortunately, this too often works.

You and your associates really need to employ common sense here. The content of the email is critical. If the content threatens to close "accounts," take a real hard look. If it promises a pot of gold for sitting on your bum, take an even harder look. Then there are deals that sound too good to be true, purport to funnel funds to poor children in disaster prone areas, all while being written poorly written in suspiciously odd-sounding English. These deserve the hardest look.

Shooting Phish in a Barrel

Delete these emails. Or better yet, send them to onguardonline.gov, so you can help reduce the number of future victims.

Don't reply to these emails. Don't click on any links. These emails could infect your system with all sorts of bad things which could bring your network to a screeching halt. Meanwhile, you have no idea what's happening to your confidential client files. This is very bad too if you have records of firm's financials and credit card numbers.

Change your passwords. We all hate to do it, but it must be done. But don't do it too often -- it's all about balance, y'see. Employ fraud alert on your credit card statements. But most important, don't trust anyone too eagerly.

Related Resources:

Find a Lawyer

More Options