Social engineering and deception

Online social engineering is a deceptive tactic that malicious actors use to trick ordinary users, for example to steal their money or exploit sensitive data such as bank card details, login credentials, or phone numbers.

Examples of social engineering

Tactic

Description

Urging the user to click a link or open a page

Attackers use clickbait headlines and misleading content.

Possible fraud scenarios:

  • Disguising a site as a news site with fake news.
  • Imitating a dating site or online lottery.
  • Creating a website that offers free/cheap goods and services, gifts, or prizes.
  • Promising easy money opportunities on fake platforms.

Creating the appearance of a secure or trustworthy website

To do this, attackers:

  • Impersonate an official site by using similar domain names, interface elements, and content.
  • Post fake positive reviews or inaccurate information.

Collecting confidential data

Attackers can create fake pages or forms, such as:

  • Checkout pages, where the user is asked to enter their bank card details.
  • Authorization windows and account recovery forms.
  • Input forms for phone numbers or bank card details, where the user is promised access to some content or a resource but doesn't get it after providing their information. This also includes forms that activate a hidden, paid subscription with auto-renewal whose terms the user is never told about.

How to fix or prevent the violation

If your site is suspected of using social engineering tactics, it may have been targeted by attackers. Make sure that there is no malicious code on the site's pages.
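One way to start that check on your own pages, as an added example that is not Yandex's code: the script below parses a page's HTML and reports forms that ask for card, credential, or phone data and submit it to a host other than your own. The field-name hints, the function name audit_forms, and the sample URL and markup are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Heuristic hints for the data the page lists: card details, credentials, phone numbers.
SENSITIVE_HINTS = ("card", "cvv", "cvc", "pass", "login", "phone", "tel")

class FormAuditor(HTMLParser):
    """Records every <form> with its resolved action URL and sensitive inputs."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.forms = []
        self._current = None

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            # An empty or relative action resolves against the page's own URL.
            target = urljoin(self.page_url, a.get("action", ""))
            self._current = {"action": target, "fields": []}
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            label = " ".join((a.get("type", ""), a.get("name", ""),
                              a.get("autocomplete", ""))).lower()
            if any(hint in label for hint in SENSITIVE_HINTS):
                self._current["fields"].append(a.get("name") or a.get("type"))

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None

def audit_forms(page_url, html):
    """Return forms that collect sensitive data and submit it to another host."""
    site_host = urlparse(page_url).hostname
    auditor = FormAuditor(page_url)
    auditor.feed(html)
    return [f for f in auditor.forms
            if f["fields"] and urlparse(f["action"]).hostname != site_host]

# Constructed sample: a search form, the site's own checkout, and an injected form.
SAMPLE_URL = "https://shop.example/checkout"
SAMPLE_HTML = """
<form action="/search"><input type="text" name="q"></form>
<form action="/pay" method="post"><input name="card_number"><input name="cvv"></form>
<form action="https://collector.invalid/save" method="post">
  <input type="password" name="pwd"><input type="tel" name="mobile">
</form>
"""

if __name__ == "__main__":
    for form in audit_forms(SAMPLE_URL, SAMPLE_HTML):
        print("Review:", form["action"], "collects", form["fields"])
```

This only sees forms present in the static HTML; forms built by scripts at load time need a check of the rendered page, and a legitimate third-party payment form will also be reported and should be confirmed by hand.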

If you have any questions, reach us via the Yandex Webmaster support chat. To do this, click in the bottom right corner. Chat support is available daily from 8:00 to 20:00 (UTC+3).

Clickbait: provocative, shocking, or insufficiently informative messages specifically designed to attract users' attention and get them to click on the link.