5 Ways to Spot Social Engineering and Avoid Getting Bitten In The Bank Account

December 2014: Along with mistletoe and dreidels, the ho-ho-holidays bring out an avalanche of nasty grinches who want to grab your money instead of earn their own. Social engineering — formerly known as con games — is bigger than ever as scammers use a combination of in-person and online tricks to get your information.

Here are five entirely new ways to think about these Grinches and to recognize them for who they really are: 

1. The credit card employee who calls to notify you about a suspicious charge on your account. Who he really is: That Nigerian prince with mega-millions to transfer to your account — you’ve gotten his emails, right? He’s back. This time all you need to do is verify your credit card number and expiration date. What to do? Hang up. And if you’re at all concerned, contact your credit card company to check for yourself.

2. The website that has fantastic online deals for the electronics and hot designer brands. Who they really are: Those guys in trench coats with all the watches hanging on the inside. Hey, buddy, wanna buy a smartphone? How about a GoPro? Maybe some Beats? Just click! What to do? Only buy from reputable e-commerce sites. Especially during the holiday season (same goes for donating to charity sites). Here’s how to determine if a site you’ve never used is safe.

3. The person who sends you a friend request on Facebook because she’s friends with your friends. Who she really is: The fake door-to-door salesperson who just wants to get in your house. She looks so nice … and she’s holding a vacuum cleaner. Plus she says your neighbor, John Q. Gullible, just bought one so it’s got to be good. What to do? Don’t accept friend requests from people you don’t know. Seriously. Even if you think maybe you met them at a holiday party last weekend. Profile pictures, current city, hometown, high schools — all can be lies.

4. The corporate guy who sends an official-looking email about changes to your account. Who he really is: The pickpocket who’s dressed like a businessman. Clean cut, nice suit, well-poised…with the fastest fingers this side of the Macy’s parade. You don’t even think twice when he bumps into you — or when he asks you to click a link — because he looks so normal. What to do? Never send any type of personal information in response to an email or click on a link in an email you weren’t expecting no matter how official-looking it is. Navigate to websites you have chosen instead.

5. The cute but harried person who scoots in behind you at work or at your building’s security door, arms full of packages. Who she really is: The Artful Dodger from Charles Dickens, “Oliver Twist.” Or the possessed doll Chucky (you choose). Instantly lovable and you feel sorry for her — and she’s so thankful when you lend a helping hand … right before she starts swiping wallets or login credentials. What to do? This is a tough one because the person is standing right next you. Step back out and offer to hold her packages while she fishes out her own key or card to swipe. If she says she forgot it, apologize for not being able to let her in and blame someone else — your boss, management, whoever. If you can’t pull that off, notify the appropriate person that you let someone in.

Feeling a bit Grinchy yourself with all this suspiciousness? No need! Just be aware that while social engineering sounds like a fun group project that involves calculators and diagrams, what’s really being engineered is YOU. For more insight into how to think like a scammer, check out this website on how to become a social engineer yourself.

You may also be interested in: