Skip to content

Recognizing deceptive answers

Question: 
You instruct people to listen carefully for deceptive answers before releasing information. Can you provide me with an example of a deceptive answer that a staff member might accept from a social engineer?
Answer: 

Businesses today love challenge questions to prevent compromise of information. A financial institution might use one like: “Can you tell me any of your latest transactions on your account?” The criminal will answer that they know the balance in the account was x dollars. Here training is required. We find staff would accept this answer if the balance was right. Except the criminal never answered the real question - what were any of their latest transactions? The normal person can identify at least one of recent transaction. In this case, your staff member needs to know how to challenge a deceptive answer.

Learn more about Barry’s webinar Deception for Dollars: Social engineering your staff and call center.

First published on 04/17/2016

Filed under: 
Filed under operations as: 

Search Topics