Social Engineering

Protecting Against Manipulative Tactics

Social engineering manipulates individuals to gain access to sensitive information or perform certain actions. Attackers use psychological tactics to exploit human behavior, often through deceptive communication methods such as phishing emails, phone calls, or text messages. Understanding social engineering techniques is essential for safeguarding against threats.

Phishing Text Messages (Smishing)

Smishing, a blend of "SMS" (Short Message Service) and "phishing," is a form of cyber attack that targets individuals through text messages. Attackers use deceptive SMS messages to trick recipients into making unauthorized purchases, divulging sensitive information, clicking on malicious links, or downloading harmful content onto their mobile devices.

Smishing attacks involve sending deceptive text messages, often appearing to be from legitimate sources like work colleagues, banks or companies. They may create urgency, asking recipients to verify accounts or offering fake prizes. Some smishing attacks specifically request employees to purchase gift cards, claiming to be from ANR directors or leadership, exploiting trust and authority.

Watch out for unsolicited texts, especially from unfamiliar numbers. Be cautious of urgent requests, spelling errors, or requests for sensitive information. Avoid clicking on links or downloading attachments from suspicious messages, and verify requests directly with ANR if in doubt. Additionally, be wary of unusual methods of communication. If a message seems out of character or unexpected, take extra precautions to validate its authenticity before responding or taking any action.

If you receive a smishing messages from an ANR employee, report the message to ANR IT (help@ucanr.edu).  If you receive an smishing attempt from an unknown number, report suspicious text messages to your mobile carrier using the "Report" function your cell phone.