top of page

How do cyber criminals hack humans?

Social engineering is one of the fastest growing cybercrimes out there and it’s our personal information which allows these attacks to be so successful. Offenders are becoming ever more adept in targeting people’s confidential information, gleaning such data as passwords and bank details through very straightforward methods.

Usually, social engineering is conducted by a hacker who generates a scam to lure unsuspecting users into revealing data, spreading malware or viruses on your devices and to gain access to restricted systems.

Your salon, barbershop, beauty room or healthcare premises will have locks on the windows and doors, possibly a high-tech alarm system and perhaps CCTV to keep an eye on your business’s premises. But what do you have in place for your online security?

How do cyber criminals use my information?

A good social engineer will often take weeks or months getting to know a company through a variety of ways. Scouring the major social media sites and business websites for bits of personal information about you are easy wins.

Unsecured, public profiles are the most useful, but even if you keep your privacy settings on high, there’s no guarantee that a family member or close acquaintance might not have shared information about you on their profiles.

How can my business fall victim to a social engineering attack?

Another way in which a cybercriminal can find information on you is by researching other organisations you’re affiliated with, for example, local charities or perhaps you sit on a local board. Personal details send strong signals about your interests and the types of appeals that might be most effective on you.

On a more conspiratorial note, someone you know from a company may be recruited to infiltrate your activities, or industrial espionage specialists may profile you through the internet and get to know your preferences, hobbies, contacts, and friends.

These are just a few methods that cyber criminals can employ, so if you want your business to be truly resilient, here are our top five tips on preventing personal data from being hacked:

  • Keep social profiles locked down

  • Be wary of cold calls

  • Set your spam filters to high – and we don’t just mean on your computer

  • Follow security best practices

  • Opt-out of people-search sites


The Cyber Resilience Centre for the West Midlands is non-for-profit and is Policing-led. We provide a range of affordable cyber resilience services with the very current knowledge and technical expertise from the UK's top university cyber talent. Our services help SMEs and therefore supply chain prepare and improve cyber resilience.

Sign up for FREE membership here.



The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the West Midlands provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.


The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page