Cybersecurity tips

Social engineering: what you should know to help you stay safe

Scammers are smarter than ever. The good news? Once you know how these scams work, they’re much easier to spot. 

What is social engineering?

Social engineering is when someone pretends to be a trusted source—like a bank representative, colleague, or even a friend—to trick you into sharing personal or financial information. It’s not always obvious, and it can come in different forms.  

You’ve probably heard of phishing emails, but scammers also use text messages (called smishing) and phone calls (vishing) to reach out. No matter the method, the goal is the same: to get you to share sensitive information that allows the scammer to gain access to your accounts or convince you to transfer funds.  

The good news? Once you know what to look for, you’re in a strong position to spot these tactics and protect yourself.

Why does social engineering work?

Social engineering succeeds not because people are careless, but because it’s designed to exploit natural human instincts like trust, empathy, and the desire to help. Scammers know how to tap into emotions like fear, urgency, or even curiosity to get a quick reaction before you’ve had time to think things through. 

When you recognize the emotional “triggers” behind a message, you can pause, assess, and respond with confidence. It’s not about being suspicious of everything—it’s about giving yourself the space to think clearly. 

Social engineering red flag checklist

Scammers use different channels, but their tactics often follow the same patterns. Here are some red flags to keep in mind: 

1. Pressure to act immediately

Whether it’s a call, text, or email, urgency is a common tactic. If someone’s rushing you to make a decision or share information, pause and verify. 

2. Unusual or unexpected contact

A message or call out of the blue should raise a red flag, especially about money, account access, or personal info—even if it sounds friendly or helpful.

3. Requests for sensitive information

No legitimate organization will ask for your password, full Social Security number, or banking PIN through text, email, or over the phone.

4. Too much familiarity (or none at all)

Scammers may use your name or reference details they’ve found online to sound convincing. On the flip side, vague greetings like “Dear Customer” can also be a sign something’s off.

5. Inconsistent or suspicious contact details

A phone number that doesn’t match the company’s official line, a strange email address, or a link that doesn’t match the sender’s identity are all worth a second look.

6. Unusual payment requests

Be cautious if someone asks you to pay with gift cards, wire transfers, or cryptocurrency.

7. Emotional manipulation

Messages that try to make you feel scared, guilty, flattered, or overly trusting are often designed to cloud your judgment.

8. Refusal to let you verify

If someone discourages you from hanging up and calling back through an official number, that’s a red flag.

How you can stay safe

You don’t need to be an expert to protect yourself. A few simple habits can go a long way. 

Pause before you respond

If something feels off, take a moment. Scammers count on quick reactions.

Verify through official channels

Contact the company or person directly using your bank’s app, website, or the phone number on the back of your card—not the one provided in the message. 

Keep personal info private

Don’t share sensitive details unless you initiated the contact and are sure who you’re speaking with.

Trust your instincts

If something doesn't feel right, it’s okay to say no, hang up, or delete the message. Remember, Huntington Bank will never ask you for usernames, passwords, or two-factor authentication numbers via phone, email, or text.

What to do if you’ve been targeted through social engineering

If you think you've been scammed, contact your bank's fraud department as soon as possible. They'll walk you through the steps to secure your account, including freezing or monitoring activity, updating your password, and reporting the incident to the proper authorities like the FTC or local law enforcement.

And remember, there's no shame in being targeted. These scams are designed to be convincing, and speaking up quickly is the smartest thing you can do to protect yourself and others.

Caregiver Banking

Help safeguard your loved one’s finances

Huntington Caregiver Banking lets account owners share limited access to their accounts with people they trust, to help spot scams, manage spending, and make sure bills are paid on time. It’s an easy way to look out for a loved one while preserving their financial independence.

Learn More

Disclosures

The information provided in this document is intended solely for general informational purposes and is provided with the understanding that neither Huntington, its affiliates nor any other party is engaging in rendering financial, legal, technical, or other professional advice or services, or endorsing any third-party product or service. Any use of this information should be done only in consultation with a qualified and licensed professional who can take into account all relevant factors and desired outcomes in the context of the facts surrounding your particular circumstances. The information in this document was developed with reasonable care and attention. However, it is possible that some of the information is incomplete, incorrect, or inapplicable to particular circumstances or conditions. NEITHER HUNTINGTON NOR ITS AFFILIATES SHALL HAVE LIABILITY FOR ANY DAMAGES, LOSSES, COSTS OR EXPENSES (DIRECT, CONSEQUENTIAL, SPECIAL, INDIRECT OR OTHERWISE) RESULTING FROM USING, RELYING ON OR ACTING UPON INFORMATION IN THIS DOCUMENT EVEN IF HUNTINGTON AND/OR ITS AFFILIATES HAVE BEEN ADVISED OF OR FORESEEN THE POSSIBILITY OF SUCH DAMAGES, LOSSES, COSTS OR EXPENSES.