2019-031- Dissecting a Social engineering attack (Part 2)
Published August 16, 2019
|
50 min
    Download
    Add to queue
    Copy URL
    Show notes

     

    Intro - Ms. DirInfosec “Anna”

    Call Centers suffer from wanting to give good customer service and need to move the call along.

        Metrics are tailored to support an environment conducive to these kinds of attacks

    https://en.wikipedia.org/wiki/Social_engineering_(security)

    Social engineering will prey on people’s altruism 

        “Pregnant woman needing help through the security door”

        “Person on crutches”
        “Delivery person with arms full”

        “Can’t remember information, others filling in missing bits”

        Call Center Reps are _paid_ to be helpful. “Customer is never wrong”

     

    Creating a sense of urgency to spur action

     

    Real-life scenario: "bob calls asking about status of an order"

    Questions: 

    1. What were you doing for training prior to these calls? (it’s alright if you weren’t doing anything) :)

    Pre-training audio (#1 and #2)

     

    1. What was their reaction about the calls received?

     

    1. Did the training take the first time?
      1. What difficulties did you have after the first training?
      2. ‘Getting better Audio’ (#3)
      1. Fake calls?
      2. Show examples?
    2. Talk about the training, what kind of training:
      1. Post audio (#4 and #5)
    3. How did your call center reps handle the training?
    4. For a business standpoint, what had to be changed to accommodate the new processes

     

    https://www.pindrop.com/blog/tackling-113-fraud-increase-call-centers-webinar-recap/

    https://www.bai.org/banking-strategies/article-detail/beating-crooks-at-call-center-fraud

     

    @consultingCSO on twitter

     

    Check out our Store on Teepub! https://brakesec.com/store

    Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com

    #Brakesec Store!:https://www.teepublic.com/user/bdspodcast

    #Spotifyhttps://brakesec.com/spotifyBDS

    #RSShttps://brakesec.com/BrakesecRSS

    #Youtube Channel:  http://www.youtube.com/c/BDSPodcast

    #iTunes Store Link: https://brakesec.com/BDSiTunes

    #Google Play Store: https://brakesec.com/BDS-GooglePlay

    Our main site:  https://brakesec.com/bdswebsite

    #iHeartRadio App:  https://brakesec.com/iHeartBrakesec

    #SoundCloudhttps://brakesec.com/SoundcloudBrakesec

    Comments, Questions, Feedback: bds.podcast@gmail.com

    Support Brakeing Down Security Podcast by using our #Paypalhttps://brakesec.com/PaypalBDS OR our #Patreon

    https://brakesec.com/BDSPatreon

    #Twitter@brakesec @boettcherpwned @bryanbrake @infosystir

    #Player.FM : https://brakesec.com/BDS-PlayerFM

    #Stitcher Network: https://brakesec.com/BrakeSecStitcher

    #TuneIn Radio App: https://brakesec.com/TuneInBrakesec

     

      15
      15
        0:00:00 / 0:00:00