Social engineering and deception

Social engineering on the web is a deceptive method where attackers mislead users, for example, to steal money or misuse confidential information. This can include information about bank cards, login credentials and passwords, and phone numbers.

Some social engineering techniques

Technique

Description

Encouraging users to click on a link or visit a page

Attackers use clickbait headlines and deceptive content.

Possible deception scenarios:

  • Disguising a site as a news site with fake news.
  • Imitating dating sites or online lotteries.
  • Creating a site with offers of free or cheap goods and services, gifts, or prizes.
  • Offering easy earnings on fake platforms.

Creating the appearance of a safe or reliable site

To do this, attackers:

  • fake an official site by using similar domain names, interface elements, and content;
  • post fake positive reviews or false information.

Collecting confidential data

Attackers may use fake pages or forms for:

  • payments, asking users to enter bank card details;
  • logging into an account or recovering it;
  • entering a phone number or bank card details, promising access to content or a resource after payment. However, the user receives nothing. A subscription with hidden auto-renewal may also be activated without the user being informed of its terms.

How to eliminate or prevent the violation

If your site is suspected of using social engineering methods, it may have been attacked by malicious actors. Check that there is no malicious code on your site pages.
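One check a site owner can run on their own pages, given here as an added example that is not part of the original page: it flags forms that ask for passwords, card details, or phone numbers and submit them to a host other than the site's own. The field-name hints are assumed heuristics, and the host names and sample HTML are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse
# Assumed heuristics for the data named above: passwords, card details, phone numbers.
SENSITIVE_TYPES = {"password", "tel"}
SENSITIVE_HINTS = ("card", "cvv", "cvc", "pass", "phone")

class FormAudit(HTMLParser):
    """Records forms that ask for sensitive data and submit it to another host."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.site_host = urlparse(page_url).hostname
        self.findings, self._form = [], None

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            # An empty or relative action resolves against the page's own URL.
            self._form = {"action": urljoin(self.page_url, a.get("action", "")), "fields": []}
        elif tag == "input" and self._form is not None:
            label = " ".join(a.get(k, "") for k in ("name", "id", "autocomplete")).lower()
            if a.get("type", "").lower() in SENSITIVE_TYPES or any(h in label for h in SENSITIVE_HINTS):
                self._form["fields"].append(a.get("name") or a.get("id") or a.get("type", ""))

    def handle_endtag(self, tag):
        if tag == "form" and self._form is not None:
            off_site = urlparse(self._form["action"]).hostname != self.site_host
            if self._form["fields"] and off_site:
                self.findings.append(self._form)
            self._form = None

def audit_page(page_url, html):
    """Return the forms on one page that send sensitive fields off-site."""
    parser = FormAudit(page_url)
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample page: site search, the site's own login, and an injected card form.
SAMPLE = """
<form action="/search"><input type="text" name="q"></form>
<form action="/account/login"><input type="password" name="pwd"></form>
<form action="https://collector.example/save">
  <input type="text" name="card_number"><input type="text" name="cvv">
</form>
"""
if __name__ == "__main__":
    for form in audit_page("https://shop.example/pay", SAMPLE):
        print("off-site form:", form["action"], form["fields"])
```

A flagged form is a lead to review, not proof of compromise: a legitimate third-party payment provider will also appear here and should be checked against what you deliberately integrated.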


Clickbait headlines are provocative, attention-grabbing, or insufficiently informative messages. Their goal is to attract users' attention and make them click on the link.