Site icon Paul's Notepad

Customer service a threat to your security?

cust_servThreat: Customer support leaking customer data in social engineering attacks.
Solution: Reduce digital footprint of public personal information to limit access to information which can used with customer service.
URL: http://arstechnica.com/security/2016/01/how-amazon-customer-service-was-the-weak-link-that-spilled-my-data/

This is an interesting article on how customer service can be targeted in social engineering attacks to give out your personal and financial information. In this case the individual was targeted multiple times through Amazon customer support. The attacker used information obtained about the individual online and after a series of online chats and phone calls built up more personal information about the victim and ultimately obtained his financial information.

This is a difficult attack to defend against. The first best defense is limiting the amount of online information available about yourself and your employees. As this victim did, it’s also important to follow up on any clues to potential breaches of your information. When a service allows it, using some form of two factor authentication is also highly advisable.

Exit mobile version