What is Social Engineering?

Social Engineering: What is it and how can you protect yourself?

In the ever-evolving world of cybersecurity, one threat looms larger than most: social engineering. This tactic involves the psychological manipulation of individuals to divulge confidential information or perform actions that compromise their security. In recent years, hackers have unleashed a barrage of sophisticated social engineering attacks, exploiting human emotions and vulnerabilities.

Here, we look at just a few:

1. Phishing attacks: The deceptive art of luring prey

At the forefront of social engineering is the notorious phishing attack. Scammers employ various forms of communication, primarily emails, to create a facade of trust. The ultimate goals are clear: to encourage you to click a malicious link, download infected attachments, or enter your credentials on a fraudulent website. These attacks can lead to dire consequences, from identity theft to financial fraud. Installing reputable antivirus software is a crucial step in warding off these threats.

2. Spear Phishing

Unlike generic phishing attacks, spear phishing is a precision strike. This method involves tailoring attacks to specific individuals or organisations, making them more challenging to detect.

3. Whaling: Going after the big fish

Similarly, high-profile targets like executives, government officials, or celebrities are considered "big fish." As these targets hold significant sway, they become prime subjects for social engineering exploits. As with all types of phishing, exercising caution is a crucial step toward ensuring protection against cybercrime.

4. Smishing and Vishing: Phishing takes new forms

However, phishing extends beyond emails with the advent of smishing (SMS phishing) and vishing (voice phishing). Scammers now utilise text messages and phone calls to deceive victims. With spoofed phone numbers and malicious links, these tactics aim to exploit individuals through alternative communication channels.

5. Pretexting: Creating trust, exploiting trust

Pretexting involves creating a false identity or misusing an existing role to establish trust. For example, you might think nothing of a loved one sending you a text from an unknown number, saying that they have lost their phone, and would you mind sending them some money for a new one? This is a popular scamming technique. The psychological impact of trusting a title, or person the hacker is impersonating, can cloud judgement, making individuals more susceptible to divulging sensitive information. Always confirm that you are speaking with the person that you think you are to avoid becoming a victim.

6. Scareware: Exploiting fear for gain

Scareware preys on fear, presenting victims with false threats to create a sense of urgency. Messages claiming your device is infected with a virus are common, appearing as pop-ups in browsers or spam emails. Recognising these tactics and maintaining a calm and informed demeanour is crucial to resisting the manipulation.


In the face of these evolving social engineering threats, protecting oneself requires a multifaceted approach. Vigilance, scepticism, and the implementation of security measures such as strong passwords, two-factor authentication, and regular software updates are paramount. By staying informed and adopting proactive cybersecurity practices, individuals can navigate the digital landscape with confidence, reducing the risk of falling victim to social engineering.

As well as providing Personal Cyber cover for our Bespoke Insurance customers, we have created a hub of information to help keep you safe online. Take a look here

Expert help whenever you need it from your personal cyber security team

Want to learn more about how to prevent a cyber incident? Looking for a second opinion on a suspicious call or email? Need immediate support in the event of a cyber attack?

If you’re a NFU Mutual Bespoke Home Insurance policy holder, NFU Mutual Bespoke Cyber Assistance Helpline, administered by CyberScout, can offer advice and guidance and access to cyber experts and fraud specialists.

You’ve got 24/7 access, 363 days a year** - just call the Helpline and have your
NFU Mutual Bespoke policy number to hand.

Helpline number:  0800 138 8211

**Closed Christmas Day and Boxing Day