Recently, I was sitting in my home office working on a report. My cell phone rang. Normally this would not have been a reason for concern because I forward my work phone to my cell phone all the time.
So I answered the phone and a recording said, “this is AT&T, your account has been locked due to irregular behavior, please press one to unlock”. So obviously this was a scam, I looked at the screen and it said my name and nothing else, wherein normal instances, it would show my name and the name of my company.
But I was curious, so I pressed one. The next thing it said was “please enter your social security number”, definitely a scam so I hung up. I called AT&T and the customer service rep I spoke with verified that it was indeed a phishing scam and they have developers tools for users to deal with it.
The reason for this post is because we need to remember, especially those of us in IT or Cyber Security who think we “know computers”, that we must always stay vigilant. Despite what you may hear, the internet is still the Wild West.
So let’s look at this scam in detail:
This case is not unique to me, the reason phishing is called what it is, has to do with historical fishers used a wide net to catch as many fish as possible. The scam that I described above has happened to thousands, if not millions in one form or another. This is why CyberSecurity and awareness training should be a common practice, something that is discussed regularly at work and at home. It’s the only way to stay safe….as safe as possible.
Jason Nelson @dragonwolftech