Technology

Phishing Attack – Phone Call (Example) | Cyber Security | Social Engineering

In this guide we will look at one example how a phishing attack can be carried out through a phone call. We will also look at what could happen to our data if the attack was successful and how we could have prevented this. More detailed information regarding phishing can be found on my other post titled “How Do I Overcome Phishing Attacks?”

Scenario

You receive a call from your bank saying that your account has been put on hold due to some suspicious transactions and in order to unfreeze the account you will need to answer some security questions. You have checked the caller ID and the call is coming from your banks phone number so you have no reason to be suspicious.

What is actually happening?

The caller may be using caller ID spoofing to make it look like the call is coming from the bank when it is not. The caller’s goal in this scenario is to get the answers to your security questions and potentially other sensitive data following this.

What will they do with my data?

The scammers may use this information to get access to your bank account and transfer funds. If you had followed through with the call, they may have asked more personal questions such as your social security number, birthdate, etc. This would have provided the scammer with enough information commit identity theft. Identity theft will enable to scammer to take out loans, credit cards or open bank accounts in your name. This information is likely to be resold on the darknet for other criminals to use the data for similar purposes.

What should I have done?

You should hang up the phone and called your bank using the number on the back of your card or from their website. This will ensure that you are speaking to the banks employees and can feel confident in sharing answers to security questions that may be required to pass security verification.

5 thoughts on “Phishing Attack – Phone Call (Example) | Cyber Security | Social Engineering”

  1. Undoubtedly! I check my accounts regularly and mostly do online banking. I have had issues with fraud many times. New debit cards, new credit cards. The hassle of all.
    But for the convenience of banking online, I guess one has to expect this.
    Similar to government calls told Banks and government do not call you.
    They send you a letter which one can verify all info.
    Good reminder this article.
    Thank you!😊👍

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.