Home page logo

pen-test logo Penetration Testing mailing list archives

Thoughts of the paranoid on the call centre security.
From: "Serg B" <sergeslists () gmail com>
Date: Fri, 18 Jan 2008 01:32:01 +1100

I needed to call my bank today to ask few questions…  Called the bank,
asked my questions and the lady on the other end asked me if she could
put me on hold while she searched for the required information.  I
don't generally like being on-hold so I said no and that I would
rather wait online.  She went a little quiet while she was doing
whatever it is that she was doing. Meanwhile, I am sitting there,
doodling and listening to all the background noise… Somehow it makes
me feel more comfortable than being on-hold. For some reason I tuned
into a particular conversation where a call centre person was reading
some numbers.  They sounded like somebodies credit card number (maybe
an account number).

And here is where I start getting a little paranoid: wouldn't it be
possible to call a bank call centre from a monitored (recorded) line,
keep the staff on the phone for as long as possible (I don't think it
would be very hard, just keep asking dumb but time consuming
questions) until you get tired of it or disk space/tape runs out.

Next comes the tricky part: filtering and isolating the conversations
in the recording.  Personally I wouldn't know where to start, however
people who are into their music software would probably find it

This makes me wonders if it could be a new (most likely inefficient
but non-the-less) higher-return method of phishing?

Just a passing thought…


This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]