Home Latest News What is Social Engineering?

What is Social Engineering?

Social engineering is a tactic used by criminals to manipulate people by exploiting the natural human tendency to trust. They do this through fraudulent emails, telephone calls, text messages and impersonation. By knowing how to recognise fraudulent communications, this will help businesses and individuals be more vigilant.

Fraudulent Emails: Phishing

The criminal sends an email which usually impersonates well known businesses or government departments. These emails are designed to encourage or scare the reader into clicking a link or opening an attachment. These emails usually contain malicious software, known as malware, so the ability to spot them is important to keeping your businesses and personal devices safe.

Things to look out for:

  • Receiving the email unexpectedly and it asks you to click on a link.
  • There is a sense of urgency to the email

Fraudulent Phone Calls: Vishing

Telephone fraud is referred to as Vishing. Often the criminal impersonates a member of bank staff, claiming there is an urgent issue with your account. Criminals can also impersonate other third parties such as utility companies.

Things to look out for:

  • The call is unexpected and there is a sense of urgency.
  • The caller may ask you for identification such as passwords.

Fraudulent Text Messages: Smishing

This is when criminals send a text message pretending to be from your bank or other organisation. During the COVID-19 pandemic there was a rise in smishing messages pretending to be the Post Office and other delivery companies due to the increase in online shopping. Do not click links within or reply to these messages.

Things to look out for:

  • The text is unexpected and from an organisation or service that you have not used
  • The text includes a link


Anyone can fall victim to impersonation. Information readily available via social media and websites can help criminals to create convincing emails pretending to be senior management, staff, customers, and suppliers. These emails are often written with a sense of urgency and request payment or data.

Things to look out for:

  • The email is written with a sense of urgency or using language not often used by the individual.
  • The impersonated email address has characters missing.


Read fraud awareness guide


What is Insider Fraud?




JCB Finance Online:
Designed to keep customers safe


Fraud Awareness:
Useful links