A Guide to Social Engineering Scams | NatWest

A guide to social
engineering scams

Find out what social engineering
attacks are and how you
can avoid them.

What is a social engineering scam?

Social engineering is when a hacker tries to trick you into giving over personal information about yourself, such as your login details or passcode for Online Banking.

Common types of social engineering attacks


Fraudsters might try and contact you via telephone, email, text or even through social media. Criminals will use social engineering to exploit your natural human inclination to trust other people.

Phishing, smishing and vishing are the most common social engineering attacks. But what might a hacker be asking? Here are some common social engineering scams:


Emails, text messages or social media messages from a ‘friend’ or institution such as a university

Emails, text messages or social media messages from a ‘friend’ or institution such as a university

Some fraudsters will hack into an account, and then contact the victim’s friends pretending to be them or you may receieve an email or text message from an institution asking you to confirm your identity by handing over your card details. 

Baiting scenarios

Baiting scenarios

Perhaps you’ve seen a deal for a free watch from a new company or someone offering you a service for next to nothing. More often than not this will be a social engineering scam. The scammers are appealing to people’s interest in a bargain or free item. They will often ask you to put in your bank details in order to get the item, but the item will never arrive.

Responding to a question you never asked

Responding to a question you never asked

Some hackers will imitate a popular company and send out an email or give you a call asking if you would like more from them. For example, a hacker pretending to be a software company you use might email you asking if you would like the speed of your computer to improve. Once you agree they will ask you to authenticate who you are by giving them your details.

Add your signposting title here… How you can avoid social engineering fraud

Thankfully, it’s often fairly simple to spot a social engineering attack email or text message. There’s a few simple things you can look out for:

  • Is everything spelt correctly and are you addressed by your name? Often fraudulent messages will have spelling and grammar errors and won’t address you correctly.
  • Is what they are offering too good to be true? If it seems that way, then it probably is.
  • Don’t download any attachments or click on any links, unless it is from someone you know and you were expecting it from them.
  • Make sure your computer or laptop and antivirus software is up to date. If you do receive a fraudulent email, this will make sure your computer is protected if you do accidentally download an attachment with a virus.
  • If you receive anything unexpected asking for your passwords or financial information, it is most likely a scam. If it appears to be from a friend or a company you know, give them a call to check if it was actually from them.
  • To find out more about spotting email, text or telephone scams read our guides on phishing, vishing and smishing.
Secure Banking Promise
Add your signposting title here… What we do to protect you

When you bank with us Online or using the Mobile App, you are protected by our Secure Banking Promise. This means that:

  1. We’ll refund any money paid out of your account by a fraudster, as long as you’ve kept your security information safe.
  2. We’ll protect you 24/7 by monitoring your account and using the latest technology to keep you safe.
  3. We’ll help you protect yourself with tips for staying safe online. Have a look at our Security Centre for more information.

As well as protecting you with our Secure Banking Promise, there are several ways we make sure our Online and Mobile Banking App are the most secure ways to bank. From a layered security system to robust controls, your online safety is at the heart of everything we do. Find out more about how we protect you here.


Set Tab for lightbox