Skip main navigation

New offer! Get 30% off one whole year of Unlimited learning. Subscribe for just £249.99 £174.99. New subscribers only T&Cs apply

Find out more

Social Engineering: Examples Continued

This video gives a detailed illustration of phishing attempts using social engineering that manipulate you through using fear to get you to respond.
Now, this is an older one, but it’s a really good example. So this went around quite a bit several years ago. You would surf the internet. All of a sudden this big, scary FBI logo would come up on your computer in big, bold, red letters, “Your computer has been locked. This operating system is locked due to a violation of Federal law of the United States of America, Article 1, Section 8, Clause 8, Article 202, Article 210 of the criminal US. USA provides deprivation of liberty of 4 to 12 years.” So it’s scary. It says the FBI has my computer locked. And I violate these articles, and I can go to jail for 4 to 12 years.
And they have my IP address. And I was visiting a website that had either pornography, child pornography, zoophilia, or child abuse. And I can’t get out of this, and they’re going to come after me unless I pay them $200. Well, I’ve seen people and I dealt with people who actually got this - and they were freaking out - even though they were on a legitimate website. They were not actually surfing any of these horrific sites that it mentions on here. But still, the threat that your computer’s locked, the FBI has it, and they think that you went to these horrible websites. And you need to pay a fine.
So this is using fear, and it’s also using authority - fear that your computer has been locked, and you might go to jail, and that you’re looking at these horrific things whether you were or were not. Authority - well, obviously, FBI - the FBI is going to throw me in jail. Now, what would happen is they would walk you through. You would get $200 and a green pack, which is essentially wiring money. And it would go to some other hacker or criminal organisation that would collect money. So this is scary, because, again, it kind of did lock your computer.
You can do a Windows Control Delete and just close the browser, but it made it really hard to actually close out the window. And it looked really legitimate, because it has the FBI logo, and it’s naming off all these different legal articles to kind of scare you. Now, again, this is using fear, and it’s using authority. And it’s forcing you to act immediately, because your computer is locked. And if you don’t take action immediately to pay this fine, they’re coming after you. Well, again, this is amygdala hijacking. It’s trying to force you and scare you to take action without actually sitting and thinking.
Now, if you sit back and think for a while, you could think about, well, one, no, I didn’t visit any of these websites. Two, that’s unusual that the FBI or law enforcement is going to warn me that, hey, we’re going to come after you. So just sit tight, and we’re going to be coming to your house to arrest you. Also, I have never heard of any law enforcement agency that is going to force you to pay this fine or go to jail by telling you, hey, well, you could avoid 4 years in jail, 4 to 12 years in jail, if you just wire us money.
Well, that’s weird, because if you pay a fine, at least in the United States, to the police or whatnot, well, generally, you don’t send a money order to them. So with everything said and done, the police, and especially FBI, are not going to send you a, well, somewhat friendly message like this if you did something really horrific like this. They’re most likely just going to show up at your doorstep, at your home, or at your workplace, and arrest you. So this was a pretty scary social engineering attack, social engineering, and using fear and authority.

This video gives a detailed illustration of typical phishing attempts using social engineering that manipulate you through using fear to get you to respond.

Fear is a powerful emotion, and hackers will try to evoke a fear response in you so that you’ll react to their messages without allowing yourself time to think rationally about the situation. In this video, we review a common attack where hackers posed as the FBI. After watching the video, you should be able to identify elements of the attack attempt that would indicate it was a scam, and you should be better prepared to act in a way that will protect you if you ever receive such a message in the future.

Reflect and share: Have you ever experienced an attack like this FBI example? What did you do, or what do you think you would have done? Share your comments in the section below.

This article is from the free online

Advanced Cyber Security Training: Network Security

Created by
FutureLearn - Learning For Life

Reach your personal and professional goals

Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.

Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.

Start Learning now