What is Social Engineering Fraud?
Social Engineering Fraud is a type of scam that relies on physiological manipulating to gain victims trust and trick them into performing actions or divulging confidential information such as personal or banking information, passwords, verification codes, and more. There are different methods and techniques used in social engineering fraud, with phishing being the most common one.
What is Phishing?
Phishing is a social engineering fraudulent method where fraudsters employ various communication methods, such as text messages, emails, and phone calls, to deceive victims by posing as legitimate or authorized entities to trick victims into disclosing their confidential information. Phishing messages commonly use misleading headlines, urgent or alarming language, and attractive offers. Phishing has many types, including:
-
Email phishing:
Involves the sending of fake emails that appear to be from reputable companies or financial institutions. These emails aim to deceive recipients into sharing personal information or carrying out actions that grant fraudsters access to sensitive data. -
Smishing:
Involves the sending of fake text messages that appear to be from reputable companies or financial institutions. These text messages aim to deceive recipients into sharing personal information or carrying out actions that grant fraudsters access to sensitive data. -
Vishing:
Occurs when a fraudster contacts the victim via phone call, pretending to represent a reputable company or financial institution. He then manipulates the victim into sharing personal information or performing actions that grant his access to sensitive data. -
Social media phishing:
Occurs when fraudsters create fake social media accounts that look like the official accounts of trusted individuals, companies, or financial institutions. They use these accounts to ask victims for personal information or to perform actions that give them access to sensitive data.
Remember!
Regardless of the method used by the fraudsters, their primary intention is to either steal your money or assume your identity to engage in illegal activities.
What are the red flags of phishing attempts?
-
Informal and poorly written email address:
Fraudsters often use suspicious email addresses that may appear to be from reputable companies or organizations. If you notice that the email address seems unofficial or poorly written, consider it a red flag indicating a potential fraudulent attempt. -
Impersonal email or text message:
Phishing messages are commonly sent to a large number of individuals without personalization. They are generic and lack any specific information or references to your personal interests. This impersonal nature serves as a red flag that suggests it may be a fraudulent attempt. -
Requesting money transfer or sensitive information:
Phishing messages frequently use tactics to deceive you into making money transfers or disclosing confidential information, such as your bank account details or personal data. If you receive a text or email requesting such actions, exercise caution and be wary of potential frauds. -
Spelling and grammatical mistakes:
Phishing messages are usually poorly written and full of spelling and grammatical mistakes. If you notice linguistic errors in a message, consider it a red flag indicating a potential fraudulent attempt. -
Suspicious link or attachment:
Phishing messages often contain links or attachments that lead to fake websites or download harmful software. If you receive an email with an unknown link or attachment, refrain from clicking on it or opening it.
How to protect yourself from phishing?
- Avoid entering your personal or banking information on a website you do not know. If you need to provide sensitive information, make sure to check the reliability and security of the site using the address bar in your browser.
- Be cautious of unfamiliar emails and text messages. If you receive a message from an unknown person or entity, refrain from opening it, clicking on any links, or downloading any attachments.
- Always make sure that the sending email address is accurate.
- Do not disclose any confidential information through phone calls, text messages, or emails to any individual or organization under any circumstances.
What to do when encountering fraud attempts?
Inform The Saudi Investment Bank immediately, using one of the following options:
- Call the number 8001248000 to reach the bank within Saudi Arabia
- Call the number +966 11 4183100 to reach the bank from outside Saudi Arabia
- File a fraud report through the dedicated page for reporting immediate support cases of fraudulent activity. To file a report, click here