|
Social Engineering Sample - Telephone |
Telephone Script - Change in Federal Reserve Email
This telephone script plays on a recent change to communications sent
by several Federal Reserve districts. Several districts are converting
to a "Secure Email" system which sends emails with links in the them
for recipients to click on, login and download a message. While this
method is secure, we have had reports from a number of banks that they
have not been notified by the Fed of the change. but went ahead and
used the new system. This caused some confusion as to what the message
was and how to respond to it. Well trained employees called a contact
at their Federal District, others simply clicked on the link.
This situation is a prime candidate for criminals to use social
engineering techniques to get empoyees to go to malicious websites via
phone or email.
----Begin Script----
Hello, My name is Judy Taylor, I am calling from the Federal Reserve of
Kansas City. We recently sent you correspondence using our new "secure
email" system, and we have not received confirmation that you received
it. The email contains important time sensitive information so it is
very important that your bank receive it. Due to the high number of
banks that we need to contact about this, we are asking that person who
answers the phone to go to our website, print off the page and give it
to their Cashier.
It will only take a minute of your time. Please go to http://www.zixhelp.com/webhelp/portalhelp.htm
Thank you,
----End Script----
|
Social Engineering