Social Engineering at Work
15/Apr 2010
I’ve never had social engineering done at me, but recently there was this guy who phone me by directly calling MX Telecom’s number. He said he was calling from DHL and that he had a package to be delivered for me. He wanted the name of two other people who would sign the delivery report in case I was not there. I complied and later a colleague told me that this is most likely a recruiter collecting names from the companies. Aha!
So, I had another call yesterday and this time I was quicker to react. The conversation went like this:
Hi, Could I speak to Jesús?
On the phone.
Hi, I’m a promoter who is organising an event at the O2 Arena for Playboy Magazine.
Playboy?
Yeah, the adult magazine, have you ever heard of it?
Barely, go on.
Well, they are organising this event for IT professionals and they wanted as many IT professionals to attend this event. I’ve got 6 tickets so if you could give me 5 names I’ll send them to you guys.
Sure, jot down please:
Juan Perez and Joseph Garcia, they are americans and have just arrived to the company.
Oh, sure. Is there any lady there who would like to attend?
To a playboy event? Yeah, I know of one: Ana Botieso, a nice Spanish girl.
is that all?
Yup, thanks a lot, I’m really looking forward to having those tickets.
No problems bye.
bye.
All of this while my mates at work were looking at me and giggling. Obviously the two first names were made up. The girl’s name stands for “An Erect Penis” in Spanish if you put it all together.
So you know, guys, if you ever receive such a suspicious call, you can be playful and have a bit of fun. You never know if you are going to get a call from one of these dicks.