Social Engineering refers to the art of manipulating people into performing actions or disclosing confidential information. An attacker usually gains trust or tempts a targeted person in order to steal sensitive/financial information such as login ID, password, PIN, OTP, card number, CVV / CVC, and expiry date by any of the following ways:
- Contacting the customer via phone, in person, email, fax or online, and trying to collect Bank’s sensitive information.
- Use links that redirect users to suspicious websites in URLs that appear legitimate.
- Incorporates threats, fear and a sense of urgency in an attempt to manipulate the user into acting promptly.
Phishing is the attempt to obtain sensitive information such as usernames, passwords, financial information like (debit/credit cards, web banking, mobile banking, etc.) often for malicious reasons, by camouflaging as Bank’s personnel in an electronic communication like email.
Vishing is the act of using the phone in an attempt to scam the user into surrendering private information that will be used for identity theft. The scammer usually pretends to be a legitimate business, and tricks the victim.