Attempting To Remotely Access Your Computer.
As far as I can recall, one of the oldest tricks In the book to social engineer the end user Into executing tasks on his/her PC, Is the good old phone call saying "Your computer has a virus". Whilst there are many reasons behind this, a well-known objective Is to lure the user Into navigating to a website and clicking on a malicious link provided by the attacker.
Depending on the nature of the deceptive site, the attacker can either gain remote access to the user's PC and have full control thereafter, or trick the user to log Into their online banking and transfer funds Into the attacker's account. Once access Is gained to the PC, the SE'er will look for all types of personal Information- photos, user logins, names, addresses, phone numbers, all of which can significantly help the attacker to build an Identity from the ground up.
I've personally experienced this, and although I Instantly Identified the caller as a scammer/SE'er, I must say It did sound rather authentic- with phones ringing and keyboards tapping away In the background, that's typical of an office environment.
I can confidently say that the average PC user can easily fall victim. If you receive a phone call similar to the above description, do NOT comply. Immediately terminate the call. If you're unsure as to the authenticity of the call, listen for background noise that's Inconsistent with the nature of the call.
For Instance, If the person claims to be someone from your Telco provider and there's a baby crying during the call, then It's obviously fake. Alternatively, ask to call them back. If It's a scam, then the social engineer will either terminate the call, or try and distract you In hope that you'll forget what you've asked for.
As far as I can recall, one of the oldest tricks In the book to social engineer the end user Into executing tasks on his/her PC, Is the good old phone call saying "Your computer has a virus". Whilst there are many reasons behind this, a well-known objective Is to lure the user Into navigating to a website and clicking on a malicious link provided by the attacker.
Depending on the nature of the deceptive site, the attacker can either gain remote access to the user's PC and have full control thereafter, or trick the user to log Into their online banking and transfer funds Into the attacker's account. Once access Is gained to the PC, the SE'er will look for all types of personal Information- photos, user logins, names, addresses, phone numbers, all of which can significantly help the attacker to build an Identity from the ground up.
I've personally experienced this, and although I Instantly Identified the caller as a scammer/SE'er, I must say It did sound rather authentic- with phones ringing and keyboards tapping away In the background, that's typical of an office environment.
I can confidently say that the average PC user can easily fall victim. If you receive a phone call similar to the above description, do NOT comply. Immediately terminate the call. If you're unsure as to the authenticity of the call, listen for background noise that's Inconsistent with the nature of the call.
For Instance, If the person claims to be someone from your Telco provider and there's a baby crying during the call, then It's obviously fake. Alternatively, ask to call them back. If It's a scam, then the social engineer will either terminate the call, or try and distract you In hope that you'll forget what you've asked for.