Tweet
I work overnights helpdesk at a famous Fortune 500 company..
The message when they call in during afterhours is to press # key if it's a business critical issue.. as in pertaining to stopping the production of company's product. Otherwise, leave message on voicemail. Anyone who presses the # key rings right to me.
I get this gem tonight around 11:20pm CDT:
Me: (company) this is (name).
SC: I need my login fixed.
Me: Okay, can I have your userID?
SC: (gives it)
My company has a strict IT Security policy. Everyone who requests access or needs help accessing needs to be authenticated (last 4 SSN or DOB).
All my sources for her userID and name showed no valid SSN or DOB.
Me: I have nothing shown in my system to authenticate you with. Per IT Security policy, I'm not able to fix your login problem. Due to IT restructuring after (company events that happened) I am unable to page an IT Security on-call person to get this issue resolved.
SC: But I have to login tonight!
Me: If I fix your login access without proper authentication, I will be terminated.
SC: So do I have to call up (name of CIO/Head of IT for entire company) in order to get you dealt with?
Me:
No. I was going to insist that you called this helpdesk back during normal business hours as we could have contacted IT Security, however, if you're going to threaten me like that, here's the ticket number.
SC: Okay.
Me: (gives ticket number) As you are going to contact (name of CIO/Head of IT for entire company) I will be sending a note up to my management so they're aware of what you're going to do. Good bye. <click>
We'll see what happens today... I'll be checking my email box tonight when I get back and see what damage was done.
As far as I'm concerned, that was a social engineering attack with a name drop bomb threat.
The message when they call in during afterhours is to press # key if it's a business critical issue.. as in pertaining to stopping the production of company's product. Otherwise, leave message on voicemail. Anyone who presses the # key rings right to me.
I get this gem tonight around 11:20pm CDT:
Me: (company) this is (name).
SC: I need my login fixed.
Me: Okay, can I have your userID?
SC: (gives it)
My company has a strict IT Security policy. Everyone who requests access or needs help accessing needs to be authenticated (last 4 SSN or DOB).
All my sources for her userID and name showed no valid SSN or DOB.
Me: I have nothing shown in my system to authenticate you with. Per IT Security policy, I'm not able to fix your login problem. Due to IT restructuring after (company events that happened) I am unable to page an IT Security on-call person to get this issue resolved.
SC: But I have to login tonight!
Me: If I fix your login access without proper authentication, I will be terminated.
SC: So do I have to call up (name of CIO/Head of IT for entire company) in order to get you dealt with?
Me:
No. I was going to insist that you called this helpdesk back during normal business hours as we could have contacted IT Security, however, if you're going to threaten me like that, here's the ticket number. SC: Okay.
Me: (gives ticket number) As you are going to contact (name of CIO/Head of IT for entire company) I will be sending a note up to my management so they're aware of what you're going to do. Good bye. <click>
We'll see what happens today... I'll be checking my email box tonight when I get back and see what damage was done.
As far as I'm concerned, that was a social engineering attack with a name drop bomb threat.
rb
Comment