(KPLC) - The Better Business Bureau is warning about scams involving social engineering.
Social engineering is the art of manipulating people so they give up confidential information.
The types of information criminals are seeking can vary, but when individuals are targeted the criminals are usually trying to trick you into giving them your passwords or bank information, or access your computer to secretly install malicious software that will give them control over your computer.
Common attacks include an e-mail from a friend.
If a criminal manages to hack or socially engineer one person's email password they have access to that person's contact list and because most people use one password everywhere, they probably have access to that person's social networking contacts as well.
E-mails typically contain a link that you just have to check out and because the link comes from a friend and you're curious, you'll trust the link and click. That can result in then becoming infected with malware, so the criminal can take over your machine and collect your contacts info and deceive them just like you were deceived.
E-mails may also contain a download: pictures, music, movie, document, etc., that has malicious software embedded. If you download, which you are likely to do since you think it is from your friend, you become infected.
Better Business Bureau offers tips to avoid becoming become a victim:
Slow down. Spammers want you to act first and think later. If the message conveys a sense of urgency, or uses high-pressure sales tactics be skeptical; never let their urgency influence your careful review.
Research the facts. Be suspicious of any unsolicited messages. If the email looks like it is from a company you use, do your own research. Use a search engine to go to the real company's site, or a phone directory to find their phone number.
Delete any request for financial information or passwords. If you get asked to reply to a message with personal information, it's a scam.
Reject requests for help or offers of help. Legitimate companies and organizations do not contact you to provide help. If you did not specifically request assistance from the sender, consider any offer to 'help' a scam. Similarly, if you receive a request for help from a charity or organization that you do not have a relationship with, delete it.
Don't let a link control where you land. Stay in control by finding the website yourself using a search engine to be sure you land where you intend to land. Hovering over links in email will show the actual URL at the bottom, but a good fake can still steer you wrong.