Opps, Your bank is at $0
Social engineering are used to con, trick, manipulate you to give out information that shouldn’t be and those information being extracted is used to commit fraud or impersonating you to other party.
They also can combine Email Phishing and Website Phishing in this attack so be careful.
How it works ? For people
Hacker will make phone call you impersonating a company you have trust with and extract personal / valuable information from you.
After that they can use the information extracted from you, to forge fake documents and provide them to other company to register/pay for any product or service that requires your identity.
Of course they can get more out from you with the basic details you gave them to companies you registered by impersonating you and calling the company to extract more information by verify some verification the company would ask and slowly they build their way to your *BANK ACCOUNTS*
How does it work ? For Companies
This video will explain everything its only 3 minutes.
Basic questions !
Won’t they use their own phone numbers to call me ? I am able to report them to the police 😀
- Sorry to say they will use programs to spoof away their caller’s ID making you see its from a company name / number
I only gave them a part of information like Email, Date of birth, SSN/IC and name its just the basic information to verify me what can they do ?
- Whatever they asked to verify you, it can and will be used by other companies you registered with. They will impersonate you using those basic stuffs and faking their way to collect more information about you, by tricking the company’s customer service to give them information like security answers like faking they forgot it. From there they can slowly build your profile to start off with your bank to make large transfer without your approvals
- Big companies will never call you out of the blue and verify your information. IF the company has some changes and posted announcement that they need to re-verify the particulars, you receive a call from them, say you’re busy you will call them back later. After that go to their company’s website and call them using their official number to verify.
- For companies fearing to be attacked by this kind of “people’s hacker”. Hire experts to test your company’s customer service and they will explain where to improve.
- This attack is hard to avoid as you will never know cause its human interaction. People tend to fall into basic securities even they know they should not.
Share the knowledge with your friends and family!