Social engineering is the art of manipulating people into giving up confidential information or performing actions that compromise security. Unlike technical attacks that exploit software vulnerabilities, social engineering exploits human psychology — our natural tendency to trust, help, and respond to authority.

Understanding the Threat

Criminals no longer need sophisticated hacking tools. A well-crafted phone call, a convincing email, or a fake SMS is often sufficient to gain access to bank accounts, personal data, or corporate systems. According to the National Cyber Crime Reporting Portal, over 68% of reported cyber frauds in India begin with some form of social engineering.

1.3M+Cyber crime complaints registered in India (2025)
68%Frauds initiated through social engineering tactics
82%Victims who clicked suspicious links without verification

How Criminals Operate

Attackers typically follow a predictable pattern: they research their target, establish a pretext (a false identity or scenario), build rapport, then exploit trust. Common pretexts include posing as bank officials, government representatives, technical support agents, or even relatives in distress.

🔵
Cyber Safety Tip

Never share OTPs, PINs, passwords, or banking credentials with anyone — including callers claiming to represent your bank, UIDAI, or any government department. Legitimate institutions never ask for these details over the phone.

Common Warning Signs

Recognising manipulation attempts is your primary defence. Be alert when someone creates artificial urgency ('Your account will be blocked in 2 hours'), appeals to fear ('Police will arrive at your home'), offers unrealistic rewards, or requests secrecy ('Do not tell your family about this call').

🔴
Scam Alert

Fraudsters deliberately create urgency to prevent you from thinking clearly or consulting others. If a caller pressures you to act immediately and discourages verification, disconnect the call. No legitimate authority operates this way.

🟡
Important Warning

Digital arrest scams — where callers impersonate CBI, ED, or police officers and threaten victims with immediate arrest — have surged 340% in 2025. These are always fraudulent. Indian law enforcement does not conduct arrests via video call.

Cyber Safety Checklist

Your Personal Protection Protocol

  • Verify caller identity independently — hang up and call the institution's official number
  • Never share OTP, PIN, CVV, or passwords over phone, SMS, or email
  • Enable transaction alerts and review bank statements weekly
  • Use strong, unique passwords and enable two-factor authentication
  • Report suspicious calls to the Cyber Crime helpline: 1930
  • Educate elderly family members — they are disproportionately targeted