Social Engineering Scams

What are social engineering scams?

Social engineering scams are tactics used by scammers to gain the trust of individuals and manipulate them into revealing confidential or personal information. Bad actors exploit human psychology by creating fear, urgency, or offering false promises to deceive individuals into sharing sensitive details such as passwords, bank information, or identification numbers. Social engineering scams are reported in countries like the US, UK, India, Canada, Australia, Nigeria, China and the Philippines. 

In India, many individuals were defrauded last year by scammers posing as officials from the customs department, with some victims losing their entire life savings. The threat actors called unsuspecting people, claiming that a parcel addressed to them had been intercepted and contained MDMA (a narcotic substance) along with their identification documents and other illegal materials. They warned that the victims could face serious legal consequences. Under the pretext of monitoring, scammers instructed victims to transfer all their funds to a so-called secure account and then disappeared with the money. These criminals kept victims on the phone for hours, isolated them from friends and family, and used fear tactics to force compliance, leaving individuals paranoid and entirely under their control. This scam became widely known as the FedEx scam or courier scam.

This is a severe example of social engineering, where scammers addressed individuals by name and sometimes even read aloud their unique identification number (Aadhaar in India). They posed as authoritative figures capable of intimidating people, establishing a believable pretext before accusing them of serious crimes they had never even heard of. By instilling fear and confusion, the scammers manipulated their victims into complying with demands and ultimately extorted large sums of money.

In Chennai, a 72-year-old woman was scammed by callers who claimed her phone number was linked to illegal Hawala accounts. Posing as a cybercrime officer, one scammer said a parcel in her name containing drugs and fake documents had been seized. They threatened her with arrest and tricked her into transferring ₹4.67 crore (around $560,000 USD) to a fake RBI account.

What are the different types of social engineering scams?

Phishing:

Bad actors mimic government organizations, courts, banks, telecom companies, and other legitimate entities and send emails to potential victims. These messages are designed to fool individuals into providing scammers with their personal information such as bank details, IDs, passwords, or one-time passwords, which are then used to financially drain their targets.

Smishing (SMS Phishing):

Scammers send harmful, malware-laden texts to individuals, concealed in the form of an important official message, that pressure targets into disclosing confidential or sensitive information which is then used to defraud them. 

Vishing (Voice Phishing):

With voice cloning, vishing scams have become even more complicated and almost impossible to detect. In a vishing scam, scam artists impersonate government officials or even someone you love and deceive you into making decisions that can harm you financially or lead to identity theft.

Pretexting:

In a pretexting scam, scammers pretend to be someone else and deceive targeted individuals through a fabricated story into revealing information or performing certain actions that ultimately benefit the scammer.

Baiting:

In this type of social engineering scam, threat actors put out a bait for victims, a sort of false promise to lure them into disclosing company secrets or personal information. The bait is something attention grabbing like free software, music, or a USB drive loaded with malicious software.

Tailgating:

Scammers enter a facility without authorization, taking advantage of lax security or posing as a delivery agent, in order to access sensitive information or carry out malicious activities.

Whaling:

As the name suggests, in whaling, cybercriminals target people who are in an important role in an organization, like the CEO or executives just below them, to access the company’s sensitive information, release funds, or carry out other high-impact actions. 

Deepfakes:

New-age scammers use hard-to-detect audio, video, and images that look and sound like real people to manipulate their victims into revealing personal information, transferring money, or taking actions that favour the scammers.

Scareware:

Scammers try to instill panic and confusion by scaring people or threatening them, like saying their ID has been misused in a crime and now they are under arrest, or that their loved one has had an accident. Then there are bank-related scams about account closures or freezes. 

There are many such scams where the idea is the same: to create anxiety so the person is unable to think clearly or act rationally.

How to identify a social engineering scam?

Unsolicited Communication:

It often starts with a simple phone call, text message, email, or social media interaction. Scammers initiate contact and gradually follow a scripted approach that ultimately leads to requests for sensitive information or money.

Threat and urgency:

A loved one being in an accident, someone held against their will, a penalty for missing jury duty, or an urgent request to share an OTP to avoid account closure: these are just a few of the many tactics scammers use to trick individuals. Be cautious in such situations: stay calm and think carefully before taking any action.

Unusual payment requests:

If a caller asks for payment through cryptocurrency or gift cards, it’s a red flag. Scammers use these methods to cover their tracks, and no credible agency would ever request payment this way. 

Generic greetings:

Official communication will include your name, not generic greetings like 'Dear customer' or 'Dear user'.

Poor grammar:

Official emails generally do not contain spelling mistakes or poor grammar. If you receive a message that appears to be from an official source but contains such errors, consider it suspicious and verify its authenticity through trusted channels. 

Malicious links and websites:

More often than not, scammers create websites that closely resemble official ones. Always double-check email addresses and website URLs for misspellings, and cross-verify them with the official sources you know are trustworthy before taking any action.
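The red flags listed in this section (generic greetings, urgency and threats, unusual payment requests, requests for OTPs or passwords, and lookalike URLs) can be turned into a simple screening check. The script below is an added example written for this article; it is not Truecaller's code and does not show how the Truecaller app works. The trusted-domain allowlist, the phrase lists, and the three sample messages are all constructed for the demonstration, and the thresholds (an edit distance of one or two from a trusted domain) are an assumption chosen to catch typo-squats like a digit "1" in place of the letter "l".

```python
import re
from urllib.parse import urlparse

# Constructed allowlist of domains the reader already trusts (assumption: taken
# from bookmarks or printed statements, never from the message being checked).
TRUSTED_DOMAINS = {"truecaller.com", "rbi.org.in", "irs.gov"}

# Constructed phrase lists mirroring the red flags described in the article.
URGENCY_TERMS = ("immediately", "within 24 hours", "arrest", "suspended", "frozen",
                 "final notice", "act now", "urgent")
GENERIC_GREETINGS = ("dear customer", "dear user", "dear account holder", "dear sir/madam")
UNUSUAL_PAYMENT_TERMS = ("gift card", "bitcoin", "cryptocurrency", "secure account")
SENSITIVE_REQUEST_TERMS = ("otp", "one-time password", "password", "aadhaar", "ssn", "pin")

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def levenshtein(a: str, b: str) -> int:
    """Edit distance between two strings; a trusted domain one or two edits away
    is the classic typo-squat (truecal1er.com for truecaller.com)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def matched_terms(text: str, terms) -> list:
    """Whole-word matches only, so 'otp' does not fire inside 'hotpot'."""
    return [t for t in terms if re.search(r"\b" + re.escape(t) + r"\b", text)]


def url_flags(text: str) -> list:
    """Flag every URL whose host is not a trusted domain but resembles one."""
    flags = []
    for url in URL_RE.findall(text):
        host = (urlparse(url).hostname or "").lower()
        if host.startswith("www."):
            host = host[4:]
        if any(host == t or host.endswith("." + t) for t in TRUSTED_DOMAINS):
            continue  # the trusted domain itself or one of its subdomains
        labels = host.split(".")
        if any(label.startswith("xn--") for label in labels):
            flags.append(f"punycode (possible homoglyph) domain: {host}")
        for trusted in TRUSTED_DOMAINS:
            if 0 < levenshtein(host, trusted) <= 2:
                flags.append(f"lookalike of {trusted}: {host}")
            elif trusted.split(".")[0] in labels:
                # e.g. truecaller.com.verify-login.example: the brand is only a
                # subdomain label; the real registered domain is someone else's.
                flags.append(f"{trusted} name used inside another domain: {host}")
    return flags


def analyze(message: str) -> dict:
    """Return a score (number of red-flag categories hit) and the reasons."""
    text = message.lower()
    flags = []
    for label, terms in (("generic greeting", GENERIC_GREETINGS),
                         ("urgency or threat", URGENCY_TERMS),
                         ("unusual payment request", UNUSUAL_PAYMENT_TERMS),
                         ("request for sensitive information", SENSITIVE_REQUEST_TERMS)):
        hits = matched_terms(text, terms)
        if hits:
            flags.append(f"{label}: {', '.join(hits)}")
    flags.extend(url_flags(text))
    return {"score": len(flags), "flags": flags}


# Constructed sample messages (not real messages).
SCAM_SMS = ("Dear customer, your account will be frozen within 24 hours. "
            "Verify your OTP at http://truecal1er.com/verify immediately.")
LEGIT_SMS = "Hi Priya, your March statement is ready to view at https://www.truecaller.com/account."
SUBDOMAIN_SMS = ("Hello Priya, please update your profile at "
                 "https://truecaller.com.verify-login.example/profile when you have a moment.")

if __name__ == "__main__":
    for sample in (SCAM_SMS, LEGIT_SMS, SUBDOMAIN_SMS):
        result = analyze(sample)
        print(f"score={result['score']}: {sample}")
        for flag in result["flags"]:
            print("  -", flag)
```

A score of zero does not prove a message is genuine; the check only surfaces the patterns the article lists, so the advice to verify through an official channel still applies. Running it, the constructed scam text hits four categories (generic greeting, urgency, OTP request, lookalike domain), the statement notice hits none, and the third message is caught only because the brand name sits in a subdomain of an unrelated domain.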

How to protect yourself from social engineering scams?

Besides keeping yourself updated about ongoing scams, it is important to never share your sensitive information with anyone and to act with patience during such situations. Here are some of the key ways you can protect yourself and your family:

  • Be aware: Educate yourself and others about ongoing scams and the tricks scammers are using to defraud people.
  • Do not share sensitive information: If you receive an unsolicited request for personal information like IDs, passwords, bank details, OTPs, or any other financial information, treat it as a red flag.
  • Use official channels of communication: If you suspect that a communication from a company or person is suspicious, verify their authenticity through official channels, such as a verified website, phone number, or an email address. 
  • Do not click on random links: Make it a rule, do not click on links sent by unknown senders. These could be phishing links meant to steal your personal information.
  • Use complex passwords: Change your passwords regularly and use unique passwords for each account. Including a mix of uppercase and lowercase letters, numbers, and special characters makes your passwords harder to crack. 
  • Enable multi-factor authentication (MFA): For an additional layer of security on your accounts, enable multi-factor authentication, as it significantly reduces the risk of unauthorized access.
  • Limit what you share on social media: Scammers make use of the data you share on social media. From cloning your voice to misusing information about your friends and relatives, they can exploit such details to cause you harm.
  • Download the Truecaller app: Truecaller protects individuals' time and money by filtering out spam messages, blocking spam numbers, and identifying unknown callers. It also helps detect fraud and scam attempts, and its new AI call scanner feature can be activated if a call seems suspicious. If the call is AI-generated, the app will let the user know, protecting them from voice scams.

Where to report a social engineering scam?

If you are in the United States, these could be some agencies you could reach out to:

Reporting the scam on Truecaller will help prevent others from becoming victims.

Conclusion

Social engineering scams are becoming increasingly complex, and the use of AI is making it harder to distinguish between real and fake interactions. In such times, education and awareness are essential, along with using tools like the Truecaller app. Protect yourself by using strong passwords, enabling multi-factor authentication, and avoiding suspicious links or messages. Never share your passwords or personal information with anyone.
