jump to navigation

successful social engineering? February 1, 2007

Posted by TSAI HONG-BIN in Diary.

in case there’s any malicious attack toward the bank I’m going to talk about, I’ll not disclose its name. Besides, this may not be a special case. I believe most of the organizations, especially those are related to public, are severely lack of inter-communication. A main reason of this phenomenon is the “flat world,” the trend of outsoucing.

The situation is, I applied for a credit card, and they need to check my credit history. That’s totally fine. Yesterday I got a phone from that bank, saying that they need more data about my savings in another bank and asking me to fax to them. I acknowledged, but in case this is a fraud, I called their customer service. The guy overther said they cannot confirm the fax number I just got belongs to them and asked me to fax to them first, and they will pass to the credit center.

Here is a huge mistake: they cannot confirm the number. Why? Because they though looks like working for that bank, but actually they are outsourced. It’s a phone-service company, they helped that bank pick up the phone, and filter out messages that are unnecessary to send back to the bank.

(to be continue)



No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: