Text Size:   A+ A- A   •   Text Only
Find     
Site Image
Social Engineering (including Phishing)
Introduction
 
Often, the easiest way for an attacker to get information from an organization, or from an individual, is not to hack into the computer systems but simply to trick someone into revealing a password, or persuade them to allow the attacker access into a secure area. This form of attack is called "Social Engineering".
 
Perhaps the best known form of social engineering is 'phishing' - phony e-mails purporting to be from respectable banks, credit unions or e-commerce companies that try to persuade you to enter sensitive information into a criminal's Web site. Other social engineerng techniques include phony phone calls (also called 'phone phishing') and even old favorites like the 'Advance Fee Fraud' - now commonly known as the Nigeria scam.
 
In this section will tell you a little about how these attacks happen so you can better prepare yourself to spot them and respond appropriately.
 
Note that social engineering techniques are often used in identity theft. So please also see our section on 'Avoiding Identity Theft and Fraud'.

Featured Links

  • Wikipedia - Phishing 
    A great introduction to the history of phishing, and the techniques that phishers use.

 
  • Money Mules Explained
    An explanation of how "money mules" are used to transfer funds on behalf of criminals, and how you might get mixed up in this kind of scam if you're not careful.
 
  • Money Mules: The Hidden Side of Phishing
    Employment listing sites often carry ads offering stay-at-home positions titled "shipping manager," private financial receiver," or "sales representative." Many of these, however, are active attempts at enlisting people to transfer illegal funds from credit card thieves operating out of the former Soviet Union.
 
  • Phishing Scams: Avoid the Bait (game)
    Phishers are looking to lure you with bogus e-mails and pop-ups that seem safe. Will you take the bait or live to swim another day? Test your luck with this game from OnGuard Online.


Some Phishing Quizzes
Use these quizzes to see how much you know about phishing and see if you can recognize phishing attacks.

More Links

 
Links to Web sites outside Oregon.gov do not constitute endorsement by Oregon state government or the Department of Administrative Services of the products, services or information provided on those Web sites. If you want to comment on the accuracy of a link, report a broken link, or suggest a new link, click on Web Site Feedback below.