Tuesday, 19 August 2025

Corporate Social Engineering 101

Another day, another Australian corporation actively encouraging social engineering. 🤦‍♀️ 

For YEARS, RACV has called from a "Private Number" to discuss a claim, and immediately asked me to confirm my full name, date of birth, and address “for security purposes.” (They're not the only Australian company that does this, but they are today's example.)

Whose security?! 

Let’s be clear:

You called me. From a hidden number. Asking for personal details.

That’s not security. That’s textbook social engineering.

When I push back, they read out an obvious script along the lines of "if you're not comfortable with this we will send an SMS to your mobile with details on how to call us back". So they know this is a problem. Yet they persist.

Kevin Mitnick was doing social engineering in the 1990s ("The Art of Deception" was published in 2002). It’s 2025. With scams and identity theft at an all-time high, why are large organisations still normalising insecure behaviour?

We need to stop training customers to hand over personal data to anyone who sounds official.

Do better, for all of our sakes.

This article was first published on LinkedIn
