Physically Cross-Check The Person's Identification.
Door-to-door selling, has been around for decades and the moment you open the front door to the salesman, although It's on legit grounds, he can potentially grab your personal Information. Social engineers know very well of just how easy It Is to SE someone "physically", by pretending to be a salesman offering a deal you can't resist.
Preparation Beforehand:
Prior to attending your home, the social engineer has "prepared" himself with fake documents and contracts. He's also put together a fake ID with the Telco company logo, that's hanging around his neck. Moreover, the uniform Is also not legit, and he's stitched a fake company logo where It's clearly visible. This formulates the perfect Ingredient to play the role of a salesman.
SE'ers specifically choose the role of a door-to-door salesman, due to the simplicity of manipulating their target for all types of Information, that would otherwise be next to Impossible using other means of physical communication. He's also researched the area, and Identified the homes that will most likely comply with his sales, by excluding houses that are In poor condition and look as though they'll fall apart.
The SE Begins:
It's extremely simple to "physically SE" someone for their personal details. Here's an example of how the SE Is done.
The social engineer arrives at your doorstep wearing a "Telco uniform" and offering an excellent deal on a cell phone plan. It's an offer you can't resist- as It's significantly cheaper than the provider you're currently with. To keep the Interest alive, the SE'er will (seemingly) offer a "buy one get one free" deal.
As a result, you've completed the contract that the SE'er has handed you, by filling In your name, date of birth, driver's license number and a few more bits and pieces. The social engineer grabs the paperwork, finishes off with a "Thank you, enjoy the rest of your day" and that's the last you have heard of the "so-called" deal.
He now has all your personal details, and can do a lot of damage to your reputation. Furthermore, he has all the Information needed to build your profile, and steal your Identity. I don't need to explain what happens next.
Checking Identification:
Asking for ID alone, does not suffice. You must also "cross-check Its authenticity" by looking for Inconsistencies like spelling errors, poorly designed and formatted text and (where possible), the name on the ID against the company It's relative to.
You can do this (check the name) during the time of the sale, by telling the salesman that you need to quickly go to the rest room. In that time, call "his company", and ask to speak with the salesman (that you're currently with) by providing them his name. If they've never heard of him, then obviously he's not who he claims to be.
Door-to-door selling, has been around for decades and the moment you open the front door to the salesman, although It's on legit grounds, he can potentially grab your personal Information. Social engineers know very well of just how easy It Is to SE someone "physically", by pretending to be a salesman offering a deal you can't resist.
Preparation Beforehand:
Prior to attending your home, the social engineer has "prepared" himself with fake documents and contracts. He's also put together a fake ID with the Telco company logo, that's hanging around his neck. Moreover, the uniform Is also not legit, and he's stitched a fake company logo where It's clearly visible. This formulates the perfect Ingredient to play the role of a salesman.
SE'ers specifically choose the role of a door-to-door salesman, due to the simplicity of manipulating their target for all types of Information, that would otherwise be next to Impossible using other means of physical communication. He's also researched the area, and Identified the homes that will most likely comply with his sales, by excluding houses that are In poor condition and look as though they'll fall apart.
The SE Begins:
It's extremely simple to "physically SE" someone for their personal details. Here's an example of how the SE Is done.
The social engineer arrives at your doorstep wearing a "Telco uniform" and offering an excellent deal on a cell phone plan. It's an offer you can't resist- as It's significantly cheaper than the provider you're currently with. To keep the Interest alive, the SE'er will (seemingly) offer a "buy one get one free" deal.
As a result, you've completed the contract that the SE'er has handed you, by filling In your name, date of birth, driver's license number and a few more bits and pieces. The social engineer grabs the paperwork, finishes off with a "Thank you, enjoy the rest of your day" and that's the last you have heard of the "so-called" deal.
He now has all your personal details, and can do a lot of damage to your reputation. Furthermore, he has all the Information needed to build your profile, and steal your Identity. I don't need to explain what happens next.
Checking Identification:
Asking for ID alone, does not suffice. You must also "cross-check Its authenticity" by looking for Inconsistencies like spelling errors, poorly designed and formatted text and (where possible), the name on the ID against the company It's relative to.
You can do this (check the name) during the time of the sale, by telling the salesman that you need to quickly go to the rest room. In that time, call "his company", and ask to speak with the salesman (that you're currently with) by providing them his name. If they've never heard of him, then obviously he's not who he claims to be.