How Criminals Trick You Without Hacking

You might think cyber attacks are all about sophisticated computer hacking. But the truth is simpler and more unsettling.

Most criminals don’t hack computers. They hack people.

What Is Social Engineering?

Social engineering is the art of manipulating someone into doing something they shouldn’t. It’s not a technical exploit — it’s a psychological one.

Think of it like a con artist from the old days, but faster, bigger, and amplified by technology.

The 5 Most Common Tricks

1. Authority

They pretend to be someone important. HMRC. Your bank. The police. Your boss. People instinctively obey authority figures.

What to do: Verify independently. If HMRC calls you, hang up and call them back on their published number.

2. Urgency

“Your account will be closed in 24 hours.” “This offer expires today.” “You’ve been fined, pay now.”

Urgency is designed to stop you thinking. Criminals want you to act before you check.

What to do: Nothing is that urgent. Take 5 minutes. Call someone. Think.

3. Familiarity

They pretend to be someone you know. “Hi Mum, it’s me, I’ve lost my phone.” With AI voice cloning, they can now sound exactly like your loved one.

What to do: Ask a question only they would know. Or call them back on their actual number.

4. Scarcity

“Only 3 spots left!” “This investment opportunity won’t last.”

Scarcity makes you fear missing out. Crypto scams use this constantly.

What to do: If it’s genuinely limited now, it’ll be available later. Walk away.

5. Reciprocity

They do you a small favour first, then ask for something bigger. “I’ll send you £50 for liking a few posts… now can you pay a fee to unlock bigger earnings?” (This is called a task scam.)

What to do: No legitimate business pays you before asking for money later.

The Bottom Line

The single best defence against social engineering is: Stop. Breathe. Verify.

Every scam in history relies on rushing you. Don’t let them.