Social Engineering is an act of influencing people to reveal confidential or their personal information to gather even further information or gain illegal access to a system and the information inside that system for the end purpose of committing fraud.
There are several types of social engineering. The most common of which are pretexting (use of invented scenarios), baiting (use of free item or good to attract victims), quid pro quo (similar to baiting but uses service instead of an item), tailgating (or "piggybacking" - gaining acces to a restricted area by closely following one who has legitimate access) and phishing.
Phishing refers to fraud emails sent by syndicates to customers with the message that their China Bank Online account is either locked or suspended or the system has been upgraded and customers have to unlock or reactivate their accounts by clicking on a link provided. Once customers click on the link, they are led to a site that asks them to input their user name and passwords which the syndicate then uses to make unauthorized transfer from the account.
The best way to protect yourself against social engineering is to always be AWARE.
Ask yourself first before you post anything in social networking sites―birthdays, addresses, contact numbers, family, job, schedules, travels, location, affiliations, "likes" or anything that can be used for identity theft, whereabouts tracking or fraud perpetuation.
Watch out for unexpected/unexplained/unusual calls or emails. Confirm authencity of anyone with whom you communicate―get contact number from your card, statement, etc., and be wary of the information you share.
Always check your privacy settings on social networking sites.
Refrain from clicking on links embedded in emails and be particularly conscious of embedded links, emails or text messages that ask for password verification.
Ensure that your personal information are disclosed only with those whom you intend to share it with―people or organizations that legitimately require these information.