Criminals can use many methods to take advantage of people to steal information, gain access to systems or obtain funds illegally. Below are some of the methods used. Drag the scenario into the answer box of the method that best matches the situation. Press the scenario to have the computer read it out to you. Press again to stop


Social Engineering Method Answers Situations
Blagging
Blagging is the act of creating and using an invented scenario to engage a targeted victim in a manner that increases the chance the victim will divulge information or perform actions that would be unlikely in ordinary circumstances.
1. You receive a phone call from the IT technician at head office explaining that they need your username and password to fix the printer issues. Company files and personal details are stolen.
2. A gang install a hidden camera in the ceiling of a petrol station, above the counter. A planted employee makes sure bank cards are copied and the camera recorded the PIN numbers being entered.
3. You get an email from the bank asking you to check on some recent transactions. You click on the link in the email which takes you to a fake site which looks like your bank’s website.
4. You receive an email claiming you won a prize, lottery or gift, and you only have to pay a "small fee" to claim it or cover "handling costs".
5. You get a Friend Request on Facebook from someone you already thought was your Friend? After you accept their request you get a lot more advertising in your newsfeed.
6. A text message on your phone offers you a daily joke. You sign up but discover later you are being charged £1 for every text they send.
7. A text from your bank asks you to confirm some personal details so they can update their records. The information you give allows them to take all the money from your account.
8. You search the web for some cheap trainers. You find a great deal on a website. You enter your payment details but never receive the trainers and there is not record of the order with the website.
9. You meet someone through a dating site. You exchange lots of emails and become quite close. They live a long way away and cannot afford to visit so you send them some money. You never hear from them again.
Phishing
Phishing is using emails or text messaging to fraudulently obtain personal details. Usually it will be in the form of an email from a bank or other legitimate business
Pharming
Pharming is the act of redirecting a user to a fake site by modifying DNS entries. This could be a site made to look and act like a legitimate ecommerce site but aims to steal your personal details
Shouldering
Shouldering is watching someone input their private details, such as passwords and pins, with the intent of using those details.

Special mention, and credit, to Mr R Jolliff for producing the social engineering activity - downloadable from the STEM learning resources