How we are tricked in the digital world – social engineering and fake news
Internet Risks
In our digitally networked world, information is exchanged at unprecedented speed. While this has many benefits, there is also a downside: disinformation and manipulation. This is where fake news and social engineering take centre stage.
What is social engineering and what form does it take?
Let's say it's a rainy Sunday evening. You're sitting comfortably, with your hot chocolate in hand, and start browsing your social media. A headline catches your eye, "Scientists worldwide warn of cocoa's hidden dangers!" Before you throw your cup away, pause for a moment. This could be fake news – information that is deliberately misleading or misrepresented.
Fake news is a serious problem in today's glut of information. Fake news is designed to look like real news, often with the goal of deceiving, shocking, or pushing a particular agenda. A parallel phenomenon is social engineering – a form of manipulation aimed at inducing people to divulge confidential information, often unconsciously or without their explicit consent.
How does this affect me?
Fake news is more than just harmless rumours. It is deliberately fabricated or falsified information, often with political, social, or financial motives. A prominent example is the 2016 US election, in which fake news may have influenced opinions and changed the course of the election.
But fake news goes far beyond politics. Misinformation about health crises, such as the Covid-19 pandemic, can have serious implications for public health and safety. Rumours about vaccinations, treatments, and modes of transmission can influence public behaviour – and in some cases, even cost lives.
Social engineering is even more personalised, focusing on the individual and targeting sensitive personal information. Its goal is to exploit our natural need for trust and social interaction. A friendly phone call from a supposed "banker" asking for your date of birth, or an email that looks like it's from a trusted friend, may often be enough for a scammer to gain access to your account or other sensitive information.
Social engineering is a deliberate attempt to get people to divulge confidential information such as login information, passwords, and bank details. This can be done through convincing phishing emails, bogus phone calls, or even personal interactions.
One example is CEO fraud, or bogus boss scams. Here, scammers pose as high-ranking executives of a company and ask employees to make money transfers or release confidential data. If the employee fails to perform thorough verification, such requests can often appear authentic.
Both fake news and social engineering exploit typical human conduct. Our tendency to readily accept information that confirms our existing beliefs (confirmation bias) or to believe people or institutions that appear trustworthy is used against us.
How to protect oneself in a digital landscape that is always changing
The good news is that there are measures we can take to protect ourselves. A crucial part of this is to always educate ourselves and improve our own media competence – to learn to critically question information and verify its sources. It's important to maintain a healthy dose of scepticism, especially when it comes to information shared online. Check the credibility of news sources, and don't rely on just a single source.
When it comes to social engineering, always treat personal information as a valuable asset. Always be vigilant if you receive unexpected requests for personal information. Don't share this information carelessly, and make sure you use strong passwords and – where available – two-factor or multi-factor authentication and password managers. Make use of technical safeguards such as virus scanners and regular software updates.
In a world where more information is freely available than ever before, it is our responsibility to ensure that we have the tools and knowledge to protect ourselves from disinformation and manipulation. The digital age offers many opportunities – but with those opportunities come risks. By being aware of the dangers of fake news and social engineering and taking proactive steps to protect ourselves, we can benefit from the advantages of our connected world while staying safe and informed.
Additional information
Lucerne School of Information Technologies
Social engineeringiBarry
Social engineering: How cybercriminals trick usiBarry
Social engineering in the iBarry.ch glossaryiBarry
Deepfakes – when video evidence liesSwiss confederation
NCSC News: Launch of the European Cybersecurity Month devoted to social engineering