In my post of January 31, 2019 – The Weakest Link In The Chain – I talked about Social Engineering (SE). While this post was aimed primarily at Social Engineering via the computer (fake pop-ups, phishing emails, etc.), I was reminded today by one of our customers that SE can occur via the phone, too.
Here’s some of the information I received from my customer:
“At about 4:00 this afternoon (Sunday) I got a call allegedly from FPL saying our power would be turned off tonight because we hadn’t paid an overdue $19.74. Supposedly we were on an auto-payment plan which required $19.74 more than the payment that I had recently made. She said that we had been sent a letter April 3rd telling us of the required payment amount, and I thought I may have trashed it, thinking it was some offer of surge protection insurance. The female caller seemed to know our names, addresses, and recent payment amount. She said that to avoid power cut off I could make a payment at a payment center. Stupidly thinking I could get the billing matter straightened out tomorrow with the FPL office plus (knowing that no payment center would be open on a Sunday), in a frantic action I gave her our credit card number and more stupidly to confirm the credit card validity I also gave her my mother’s maiden name and the last 4 digits of my SSN. She said that she was just in a 24 hour call center.
Afterward, I checked our credit card account on-line and didn’t see any unusual charges, but with my wife’s encouragement, I called my bank’s fraud line and discussed our concern about me possibly being scammed. They put an alert on our credit card account, and within an hour or two I got a notice that two suspect charges from Walmart.com for $291.87 and $291.87 had been blocked. I called the bank fraud line back and we cancelled that credit card. We have no liability and we don’t have to file a fraud claim because the charges were not approved and posted to our account. The bank will over-night us new cards.”
Whether it’s over the phone, at the front door or on the computer, there are always people around who will scam you, if you let them.
Remember the three ways scammers use Social Engineering to take advantage of you: 1) they try to panic you; they try to appeal to your willingness to help others; and, 3) they attempt to tap into your dreams and desires. The key to avoiding these pitfalls: think before you act. You can also call us and give us the opportunity to evaluate what’s really going on.