Welcome to the SecAware blog

I spy with my beady eye ...

27 Sept 2014

More unsociable engineering

An unsolicited email from somone I have never heard of that reads "Hello, I am seeking representation for a wrongful dismissal. Please advice if this is your area of practice and how much it will cost me to retain your firm" may be brief but it smells distinctly like yet another social engineering scam - presumably an attempt at identity theft, advance fee fraud or some such dastardly deed.  The possibility of a lucrative business deal is a classic social engineering lure, while the sense of urgency is sure to follow.

We are not a legal firm and we don't represent others in employment disputes, but if we had been, and if we weren't quite as security-aware and alert for scams of this nature, one of us might have fallen for it or something similar. Given the scammers' negligible costs and income from past hits, carving suitable hooks to ensnare vulnerable people in all manner of professions, industries, organizations, cultures, hobbies etc. only requires a little knowledge/research and creativity - and there's a powerful lesson from history: fraudsters are cunning.  Remember those slap-the-forehead moments when you either figure out what they are up to, or some kind soul explains it to you?  Like good magic tricks, they are only 'obvious' once you discover how they work. Prior to that point they are, of course, pure magic.

Projecting forward, it is surely just a matter of time before the scammers figure out how to catch us out too ... in fact I can't be 100% certain that we aren't victims already (can anyone?) which reminds me to review our business continuity and contingency arrangements.  Forewarned is forearmed.  


No comments:

Post a Comment