Monday, 2 Asar 2082

Rise of Social Engineering Attack: Financial Loss to Death

Taking shortcuts without hard work or skills often leads to scams. Don’t trust anyone immediately, especially strangers who try to get close to you quickly.

With the rapid development of new trends and technology, new challenges, threats, and scams are emerging every day. While social media can be used to spread both good and bad news within seconds, it is also being misused for fraudulent activities.

In this article, I will explain what social engineering is and how it is evolving with new trends. These attacks not only cause financial loss and distress but have also led to tragic consequences, including death.

What is Social Engineering?

Social engineering is the practice of manipulating people into revealing confidential information or performing actions that compromise security. Instead of hacking systems directly, social engineers exploit human psychology to deceive individuals into sharing passwords, financial information, or other sensitive data.

Common Social Engineering Techniques

Phishing

Phishing involves fraudulent emails, messages, or websites designed to appear legitimate, tricking victims into providing sensitive information such as passwords, credit card numbers, or personal details. Attackers often create a sense of urgency, claiming account suspension, unauthorized login attempts, or prize winnings to lure victims into clicking malicious links.

Example: A fake message from a friend or unknown person asks the victim to “vote me to win this game” by clicking a link that leads to a fraudulent login page.

Pretexting

Scammers create a false scenario (pretext) to gain trust and extract personal data. They often pose as authority figures such as bank officials, IT support, or law enforcement to make their requests seem credible.

Example: Someone pretending to be from the CIB department sends emails from a similar-looking address and demands money, threatening that the recipient will be jailed for cybercrime if they refuse.

Vishing (Voice Phishing)

Fraudsters use phone calls to deceive victims into sharing confidential details, often pretending to be from banks, customer support, or government agencies.

Example: A scammer calls pretending to be a bank or wallet representative, saying “Your account has been compromised. Please verify your OTP to secure it.”

Honey Traps & Romance Scams

Scammers create fake online identities to build relationships and gain trust over time. Once they’ve established a connection, they use platforms like Viber and IMO to record compromising videos or images. They then blackmail the victim, demanding money and threatening to leak the recordings on social media if the victim refuses to comply.

Real-Life Examples of Scams

Case 1: The Fake Doctor and Urgency Scam

A woman the victim does not know messages him on WhatsApp or Viber, claiming to be coming from abroad and asking to be shown around Nepal. She says she is a doctor and sends photos and seemingly authentic documents to prove her identity. After a few conversations and calls, she says she is arriving in Nepal and requests to be picked up at the airport.

Once the victim reaches the airport, she claims that immigration is asking for money but that she doesn’t have enough. She acts panicked and tells the victim that he will be contacted by an individual at immigration who demands nearly 80,000 rupees to allow her entry. Both the woman and the person posing as an immigration officer pressure the victim to send the money immediately, threatening deportation if he doesn’t comply. She sends him bank details for the transfer.

When the victim asks for a copy of her citizenship for verification, the scammer provides it after some time. As the urgency builds, the victim contacts close friends and gathers the required amount. After multiple conversations, he is convinced to send the money. Once the funds are sent, the scammer cuts all contact with the victim.

Social Engineering Technique Used: Pretexting, Impersonation, and Urgency

Case 2: The Gift Scam and Travel Agent Scheme

A known person messages the victim on Facebook or another social media platform, claiming they are sending a gift. Initially, the victim refuses to accept it. Later, the victim’s Facebook friend says they are going to a travel agency and will talk later.

After some time, the friend claims to be stuck due to a financial issue and starts emotionally blackmailing the victim, pressuring them to speak with an “agent.” The so-called agent demands money, threatening that if the victim doesn’t pay, their friend will be sent to jail.

Driven by fear, the victim sends the money — only to realize later that both the friend and agent have disappeared, cutting off all contact.

Case 3: Another Tragic Case of a Traditional WhatsApp Scam Leading to Suicide

A scammer contacted the victim through WhatsApp, falsely claiming she had won millions in a lottery and received a valuable gift. Tricked and manipulated, she believed the scam and ended up paying 85,000 rupees, which she had borrowed from different people. This heartbreaking incident was recently reported by Setopati.

The Evolution of Scams: From Traditional to Sophisticated Attacks

Traditional scams involved lottery messages and phone calls claiming the victim had won a prize; scammers would then ask for a “tax payment” to release the funds, usually via WhatsApp, Viber, or IMO. With evolving technology, however, scammers have developed more sophisticated tactics that manipulate people’s emotions and create a sense of urgency.

No legitimate authority or organization will ask for money via personal bank accounts, mobile wallets, or cryptocurrency.

If someone claims to be a friend, authority figure, or professional (doctor, police, bank representative, etc.), verify their identity before responding.

Do not trust unknown numbers or random messages on WhatsApp, Viber, IMO, or social media.

Always call official customer care numbers of banks, airlines, or agencies instead of trusting random messages.

How to Protect Yourself from Social Engineering Scams

To avoid falling victim to these scams:

Be cautious of urgency — Scammers pressure you into quick decisions. Stay calm. Always verify with known contacts and never send money to strangers.

Verify requests — Never share sensitive information (passwords, OTPs, or personal details) without verifying the source.

Check URLs and email senders — Phishing emails often come from fake addresses or have slight variations in domain names.

Avoid clicking unknown links — Do not open links from untrusted emails, messages, or pop-ups.

Report suspicious activity — If you encounter scams, report them to Cyber Bureau Nepal or relevant authorities.
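
The advice above to check senders and URLs for slight variations in domain names can be automated. The following Python code is an added example, not part of the original article: it compares a sender address or host name against a list of trusted domains and flags near matches. The trusted domains are placeholder names, and the confusable-character map and the distance threshold are assumptions.

```python
import unicodedata

# Constructed allow-list (placeholder names): domains the reader really uses.
TRUSTED = ("examplebank.com", "wallet.example", "police.example")

# Small, non-exhaustive map of characters commonly swapped for look-alikes.
CONFUSABLES = str.maketrans({
    "0": "o", "1": "l", "3": "e", "5": "s",
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0456": "i",  # Cyrillic
})

def sender_domain(value):
    """Domain part of 'Name <user@host>' or 'user@host', or a bare host name."""
    return value.rsplit("@", 1)[-1].strip(" <>").rstrip(".").lower()

def skeleton(domain):
    """Fold visually confusable characters so look-alikes compare equal."""
    folded = unicodedata.normalize("NFKC", domain).translate(CONFUSABLES)
    return folded.replace("rn", "m").replace("vv", "w")

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(value, max_distance=2):
    """Return (verdict, trusted domain matched or imitated, or None)."""
    dom = sender_domain(value)
    for good in TRUSTED:
        if dom == good or dom.endswith("." + good):
            return "trusted", good
    for good in TRUSTED:
        if dom.startswith(good + "."):  # trusted name used only as a prefix
            return "lookalike", good
        if edit_distance(skeleton(dom), skeleton(good)) <= max_distance:
            return "lookalike", good
    return "unknown", None
```

A "lookalike" verdict means the domain imitates a trusted one and the message should be verified through an official channel; "unknown" only means no trusted name was imitated, not that the sender is safe.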

