jump to navigation

successful social engineering? February 1, 2007

Posted by TSAI HONG-BIN in Diary.
trackback

in case there’s any malicious attack toward the bank I’m going to talk about, I’ll not disclose its name. Besides, this may not be a special case. I believe most of the organizations, especially those are related to public, are severely lack of inter-communication. A main reason of this phenomenon is the “flat world,” the trend of outsoucing.

The situation is, I applied for a credit card, and they need to check my credit history. That’s totally fine. Yesterday I got a phone from that bank, saying that they need more data about my savings in another bank and asking me to fax to them. I acknowledged, but in case this is a fraud, I called their customer service. The guy overther said they cannot confirm the fax number I just got belongs to them and asked me to fax to them first, and they will pass to the credit center.

Here is a huge mistake: they cannot confirm the number. Why? Because they though looks like working for that bank, but actually they are outsourced. It’s a phone-service company, they helped that bank pick up the phone, and filter out messages that are unnecessary to send back to the bank.

(to be continue)

Advertisements

Comments»

No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: