Skip to Content

You are now leaving Cardinal Bank.

You are now leaving Cardinal Bank's web-site and are going to a web-site that is not operated by the Cardinal Bank.

Cardinal Bank is not responsible for the content or availability of linked sites.

Please be advised that Cardinal Bank does not represent either the third party or you, the member, if you enter into a transaction. Further, the privacy and security policies of the linked site may differ from those practiced by the

You will now access:

Cardinal Bank

Online Banking

Cash Management


Subscribe to Newsletter

I Want to…

Connect With Us

Befriend us on Facebook Read our profile on LinkedIn. Follow our Tweitter Follow us on Instagram Check us out on Yelp

Resource Center


Social Engineering

Hackers or fraudsters may use email, phone calls or in-person visits to attempt to deceive. They often represent themselves as someone you can trust such as a friend, an IT support technician, law enforcement official, regulator, repair person, security guard, etc.
Social engineering attacks have many faces.
The best defense against social engineering attempts is being able to recognize when it’s happening. The most common social engineering attacks are:
  • Phishing. A fraudulent email disguised as a legitimate email, often purporting to be from a trusted source. The message is meant to trick the recipient into installing malware on his or her computer or device, or sharing personal or financial information.
  • Spear phishing. The same as phishing, but tailored for a specific individual or organization. Such attacks often target senior leadership or their supporting staff, as attackers assume these personnel have broad access to data and information. Spear phishing attacks often seek to obtain financial data or trade secrets.
  • Vishing. Using a telephone (instead of email) to scam a user into surrendering private information or granting access to company information or systems. The attacker usually pretends to be a legitimate business representative or support technician, and tricks the victim into disclosing information or providing access to internal systems.
  • Baiting. Leaving a malware-infected physical device, such as a USB flash drive or CD-ROM, in a place it is sure to be found. The finder then picks up the device and loads it onto his or her computer, unintentionally installing the malware.
  • Tailgating. When an unauthorized individual follows an employee into an otherwise secure location. For example, someone following behind an authorized user and catching the door before it closes.
  • Shoulder Surfing. The use ofdirect observation techniques, such as looking over someone's shoulder, to get information. This technique is commonly used to obtain passwords, PINs, security codes, and similar data.
Be Alert! Look For Suspicious Behavior and Know How To React
Everyone can fall victim to social engineering . Stay alert for unusual behavior, and keep these tips in mind:
  • Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about employees or other internal information. If someone claims to be from a legitimate organization, try to verify their identity independently. Do not use contact information provided by an individual or use a link/website provided in an email.
  • Do not provide personal information or information about your organization, including its structure or networks, unless you are certain of a person's authority to have the information.
  • Do not disclose sensitive information unless you are certain of the recipient’s identity.
  • Double check links and websites. Links and websites may appear legitimate, but may take you to a malicious site. Check for slight variations in websites (spelling, .com vs. .net) and hover over links to verify destination.
  • Minimize non-business related internet activity and restrict browsing to only those sites necessary to complete your job.