- When a criminal tries to win and exploit a person’s trust using manipulation or impersonation, this is known as a ‘social engineering scam’.
- Employees may be targeted to infiltrate a business’ computer network or obtain financial information.
- Business fraud insurance can prevent risks, detect fraud, and cover losses.
Summary
Key Takeaways
No one wants to discover their business has become a victim of fraud. It can be an uncomfortable experience that could end up costing your company greatly.
At Allianz Trade, we believe prevention is always better than a cure. So, we’re looking to raise awareness of these unscrupulous activities. And, with our business fraud cover, we’re here to help if you’re unfortunate enough to be targeted.
Below, we share all there is to know about social engineering business fraud.
What is social engineering fraud?
A social engineering fraud or ‘attack’ is when criminals attempt to con a person using impersonation. They try to win and exploit your trust, tricking you into disclosing information to enable a crime or handing over money.
Scammers use their strong social skills to manipulate their chosen victims, which is why it's called 'social engineering fraud.' This can be done over the phone, via email, or through chat apps. There is usually a sense of urgency to the communication which encourages prompt compliance and skipping typical verification and safety steps.
Social engineering fraud in business could include situations, such as criminals claiming to be:
- A supplier with an unpaid invoice
- A bank or other lender with a missed payment
- The tax man stating you’ve not paid the correct amount
Types of social engineering attacks
As these scams are becoming more known, criminals have diversified their methods. These scammers will also adapt to their target’s behaviours and will go where their victims are. So, there’re many types of social engineering attacks. These include:
Phishing – The criminal will ‘phish’ for data by pretexting – impersonating someone in authority requesting some sort of action – and/or sending malware. In some cases, there’ll be a real person at the end of the line. In others, they’ll use interactive voice response (IVR) technology to target more than one person at once.
Read more: Financial crime: Payment fraud over the internet – what should you do?
‘Spear phishing’ is a type of phishing scam where the scammer impersonates someone the victim knows and trusts. A scam message could appear like it has come from a familiar email address and contain information about the victim (found on online) to make it look more authentic.
The term ‘whaling’ may also be used when senior executives and management are targeted.
Vishing – Similar to phishing, but a phone scam. These are calls where scammers claim to be representatives of a reputable organisation, such as a bank or government department, to obtain information.
SMiShing – Again, this is similar to phishing and vishing, but the scammer will contact you via text or WhatsApp.
Water-holing – When a group of people, usually from the same company or organisation, are targeted by infecting one or more websites they frequent. These scams are difficult to detect and are designed by criminals to gain access to a company’s computer network using malware.
Romance – Sometimes known as a ‘honey pot’ scam, this is when criminals develop a friendly or romantic relationship with emotionally vulnerable people, usually through social media, to try and obtain key information or money. In some cases, this can evolve into sextortion – where victims are coerced or tricked into sharing explicit photos or videos which are then used to blackmail them.
Quid pro quo – Bribery or blackmail to get the person to do what the criminals want.
Investment – Sometimes also known as ‘boiler room fraud’. People are tricked or pressured into investing in fraudulent or worthless business shares.
How common is social engineering business fraud?
So, you now know what social engineering fraud is, but is it something you should be concerned about?
Fraud, and social engineering scams, may be more commonplace than you think. According to the Government’s Cyber Security Breaches Survey 2024, 50% of businesses and 32% of charities have experienced a cyber-attack in the last 12 months, with phishing the most common (84% of businesses and 83% of charities).
Percentage of organisations that have identified breaches or attacks
in the last 12 months
Source: Gov.UK, Allianz Trade
35% of businesses and 37% of charities also reported scams by others impersonating organisations in emails or online, with viruses and other malware reported by 17% of businesses and 14% of charities.
The same survey report reveals that businesses could do more to protect themselves from attacks and their effects.
Percentage of organisations that have the following types
of insurance against cyber security risks
Source: Gov.UK, Allianz Trade
Our own research has found that social engineering fraud cases have increased fivefold since 2014 (+400%).
Let Allianz Trade help protect you from business fraud
If you would like assistance with risk prevention, detecting fraud, and covering the financial losses from such scams, Allianz Trade can help. Our business fraud insurance is a key part of many companies’ corporate risk management protocols and can protect your organisation too.
Whether phishing, quid pro quo, or a romance scam, we’re here to help.
As Vikshay Vijai, Fraud Insurance Sales Manager at Allianz Trade UK and Ireland, says:
“The tenfold increase in social engineering fraud over the last decade proves the fact that this threat is the most rapidly growing of all frauds we encounter.
“Businesses of all sizes are being easily manipulated by criminals into releasing confidential information that leads to their downfall, particularly in recent times with the advent of AI and modern technology.
“These firms must act fast as there is no time to lose before falling into such traps. We have a set of suggested measures that can be taken to stay vigilant, however, only a comprehensive fraud insurance policy can provide true peace of mind against Social Engineering risk.”
You might also be interested in…
Business Fraud: 5 of the most common types to look out for
How businesses are protecting themselves against employee fraud
The importance of fraud prevention for businesses
Let's talk...
For a free Business Fraud Insurance consultation call our UK team, 09:00-17:00 Mon-Fri.
Our expertise and commitment
Allianz Trade is the global leader in trade credit insurance and credit management, offering tailored solutions to mitigate the risks associated with bad debt, thereby ensuring the financial stability of businesses. Our products and services help companies with risk management, cash flow management, accounts receivables protection, Surety bonds, Business Fraud Insurance, debt collection processes and e-commerce credit insurance ensuring the financial resilience for our client’s businesses. Our expertise in risk mitigation and finance positions us as trusted advisors, enabling businesses aspiring for global success to expand into international markets with confidence.
Our business is built on supporting relationships between people and organisations, relationships that extend across frontiers of all kinds - geographical, financial, industrial, and more. We’re constantly aware that our work has an impact on the communities we serve and that we have a duty to help and support others. At Allianz Trade, we’re strongly committed to fairness for all without discrimination, among our own people and in our many relationships with those outside our business.