Skip to main content
Please enter a legal issue and/or a location
Begin typing to search, use arrow keys to navigate, use enter to select

Find a Lawyer

More Options

Tips for Handling Phishing, Social Engineering Scams

By Jonathan R. Tung, Esq. on August 04, 2016 | Last updated on March 21, 2019

The con has been on this earth longer than civilization. It seems that somewhere, somehow, someone is trying to pull a fast one on someone else. Cons, scams and schemes come in all sorts of shapes and sizes: "snake oil,", Ponzi schemes, political promises.

Those still exist, but the latest digital scams are getting fancier, more sophisticated and more prolific. Here are a few tips that will help you dodge them.

Social Engineering, Phishing, and Pretexting

Social engineering scams work off of the psychological bias we all have to trust one another either because of societal norms or because of laziness. They involve manipulating people so that they give up cash or sensitive information. An African prince needs your bank account to help hide some money, for example, or someone claiming to be your grandchild needs access to your Social Security Number. Social engineering is effective -- and it costs the system lots.

One common social engineer scam is phishing. Phishing begins when someone sends you an email from a domain that looks like it came from a trusted source, but didn't. The pretext is for recipients to send money or information back to the fraudster. Unfortunately, this too often works.

You and your associates really need to employ common sense here. The content of the email is critical. If the content threatens to close "accounts," take a real hard look. If it promises a pot of gold for sitting on your bum, take an even harder look. Then there are deals that sound too good to be true, purport to funnel funds to poor children in disaster prone areas, all while being written poorly written in suspiciously odd-sounding English. These deserve the hardest look.

Shooting Phish in a Barrel

Delete these emails. Or better yet, send them to, so you can help reduce the number of future victims.

Don't reply to these emails. Don't click on any links. These emails could infect your system with all sorts of bad things which could bring your network to a screeching halt. Meanwhile, you have no idea what's happening to your confidential client files. This is very bad too if you have records of firm's financials and credit card numbers.

Change your passwords. We all hate to do it, but it must be done. But don't do it too often -- it's all about balance, y'see. Employ fraud alert on your credit card statements. But most important, don't trust anyone too eagerly.

Related Resources:

You Don’t Have To Solve This on Your Own – Get a Lawyer’s Help

Meeting with a lawyer can help you understand your options and how to best protect your rights. Visit our attorney directory to find a lawyer near you who can help.

Or contact an attorney near you:
Copied to clipboard