Skip to main content

Social engineering

Social engineering is used by criminals a lot.

It is to get you to share sensitive information, or make you do something you normally wouldn't for their own gain.

It can happen over the phone, by text, or via email. 

Most of the time you don't know it's happening. They'll convince you to take action without thinking. They'll use different techniques such as making you panic or building a friendship.

It could be:

  • convincing you to send a payment without checking that it's genuine
  • give remote access to your device and your online banking
  • share sensitive information without checking the person or source is genuine.

They'll impersonate trusted sources such as your bank, the police, or even a friend or family member.

What can happen

  • Remote Access
    A criminal tricks you into giving them remote access to your computer or device. They then ask you to download a genuine app such as TeamViewer or AnyDesk, or get you to click on a link.

    Never     give remote access to your devices unless you have checked that the caller is real and trusted. If you do give access, never log into online banking. Remote access gives the other person full access to view and act on everything you can.

  • Phishing (email), smishing (text), and vishing (voice calls)
    Criminals send fake emails, text messages, or calls pretending to be someone they're not. It can be hard to know if they're genuine. Never reply or act on anything without checking that it's from a genuine source. ​It is so easy for criminals to make contact details look real. They might even change the email address slightly so you don't notice. These are clever ways to trick you into sharing your details. Then they are able to steal your money.


Fraudsters use something called 'spoofing'. This is where they fake how their contact details appear on the caller ID, messenger name, or email address. It hides their true identity to convince you they're someone else.