top of page

The Art of Deception: A Social Engineering Example

SHARE THIS WILL YOUR EMPLOYEEES AS AN EXAMPLE THEY CAN LEARN FROM



Social Engineering Scam


Social engineering is a powerful tool in the hands of cybercriminals. By manipulating individuals into divulging sensitive information, attackers can gain access to sensitive systems and data. In this blog post, we'll demonstrate a scripted conversation between a social engineer and a naive target, showcasing how easily one can fall prey to such tactics.


Script:

Social Engineer (SE): Hi there, I'm calling from Bankit Financials' security department. We've noticed some suspicious activity on your account.


Target (T): Oh no, what kind of activity?


SE: We can't disclose that over the phone, but we need to verify your identity to ensure your account's security.


T: Okay, that makes sense. What do you need to know?


SE: Can you please confirm your full name, address, and the last four digits of your Social Security number?


T: Um, I'm not sure if I should share that…


SE: I understand your concern, but this is a routine security check. If you don't cooperate, we'll have to freeze your account temporarily.


T: Okay, I don't want that to happen... (provides the requested information)


SE: Great, thank you for your cooperation. We'll also need to confirm your banking information. 

Can you please tell me your debit card number and expiration date?


T: (hesitates) I don't know if I should…


SE: Ma'am, this is a one-time verification process. We need to ensure your account's security.


T: (provides the requested information)


SE: Thank you for your cooperation. We'll take care of the rest.


T: Wait, what's going to happen next?


SE: (hangs up the phone)


Conclusion:

In this scenario, the social engineer successfully manipulated the target into divulging sensitive information. Remember, banks will never ask for personal information over the phone or email. Always verify the authenticity of such requests and never hesitate to hang up and contact your bank directly. Be wary of a call being initiated to you unexpectedly, that is usually a telltale sign. 


Stay vigilant and keep your personal information safe!


Recent Posts

See All

2 Comments


chriss
Jun 22


Like

chriss
Jun 22

Unfortunately, this sort of thing is happening on a daily basis to everyday citizens, not just businesses.

Like
bottom of page