Skip main navigation

Social Engineering: Examples Continued

This video gives a detailed illustration of phishing attempts using social engineering that manipulate you through using fear to get you to respond.
6.7
Now, this is an older one, but it’s a really good example. So this went around quite a bit several years ago. You would surf the internet. All of a sudden this big, scary FBI logo would come up on your computer in big, bold, red letters, “Your computer has been locked. This operating system is locked due to a violation of Federal law of the United States of America, Article 1, Section 8, Clause 8, Article 202, Article 210 of the criminal US. USA provides deprivation of liberty of 4 to 12 years.” So it’s scary. It says the FBI has my computer locked. And I violate these articles, and I can go to jail for 4 to 12 years.
52.6
And they have my IP address. And I was visiting a website that had either pornography, child pornography, zoophilia, or child abuse. And I can’t get out of this, and they’re going to come after me unless I pay them $200. Well, I’ve seen people and I dealt with people who actually got this - and they were freaking out - even though they were on a legitimate website. They were not actually surfing any of these horrific sites that it mentions on here. But still, the threat that your computer’s locked, the FBI has it, and they think that you went to these horrible websites. And you need to pay a fine.
92.2
So this is using fear, and it’s also using authority - fear that your computer has been locked, and you might go to jail, and that you’re looking at these horrific things whether you were or were not. Authority - well, obviously, FBI - the FBI is going to throw me in jail. Now, what would happen is they would walk you through. You would get $200 and a green pack, which is essentially wiring money. And it would go to some other hacker or criminal organisation that would collect money. So this is scary, because, again, it kind of did lock your computer.
136
You can do a Windows Control Delete and just close the browser, but it made it really hard to actually close out the window. And it looked really legitimate, because it has the FBI logo, and it’s naming off all these different legal articles to kind of scare you. Now, again, this is using fear, and it’s using authority. And it’s forcing you to act immediately, because your computer is locked. And if you don’t take action immediately to pay this fine, they’re coming after you. Well, again, this is amygdala hijacking. It’s trying to force you and scare you to take action without actually sitting and thinking.
178.4
Now, if you sit back and think for a while, you could think about, well, one, no, I didn’t visit any of these websites. Two, that’s unusual that the FBI or law enforcement is going to warn me that, hey, we’re going to come after you. So just sit tight, and we’re going to be coming to your house to arrest you. Also, I have never heard of any law enforcement agency that is going to force you to pay this fine or go to jail by telling you, hey, well, you could avoid 4 years in jail, 4 to 12 years in jail, if you just wire us money.
217.3
Well, that’s weird, because if you pay a fine, at least in the United States, to the police or whatnot, well, generally, you don’t send a money order to them. So with everything said and done, the police, and especially FBI, are not going to send you a, well, somewhat friendly message like this if you did something really horrific like this. They’re most likely just going to show up at your doorstep, at your home, or at your workplace, and arrest you. So this was a pretty scary social engineering attack, social engineering, and using fear and authority.

This video gives a detailed illustration of typical phishing attempts using social engineering that manipulate you through using fear to get you to respond.

Fear is a powerful emotion, and hackers will try to evoke a fear response in you so that you’ll react to their messages without allowing yourself time to think rationally about the situation. In this video, we review a common attack where hackers posed as the FBI. After watching the video, you should be able to identify elements of the attack attempt that would indicate it was a scam, and you should be better prepared to act in a way that will protect you if you ever receive such a message in the future.

Reflect and share: Have you ever experienced an attack like this FBI example? What did you do, or what do you think you would have done? Share your comments in the section below.

This article is from the free online

Advanced Cyber Security Training: Network Security

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education