A woman in Singapore lost $300,000 to a scammer posing as a Singtel customer service employee, according to the Straits Times. The scammer told the victim he would fix some problems with her WiFi connection, and he kept her on the phone for two hours. During this time, he convinced her to give him access to her computer and her online bank account, along with sensitive personal information. The scammer used this access to withdraw vast amounts of money from her account and the accounts of two of her family members.
The scammer used scare tactics to keep the victim on the line. He even connected her with another scammer who claimed to be working for the police. The two scammers told the victim that her IP address was being used in several countries, and they showed her a picture of a Russian man who they claimed was using her account.
“Throughout this process, they kept telling me not to talk to anybody, not to inform anybody, and to keep the landline on and my hand phone switched off,” the woman told the Times. “Not knowing anything, I just followed through. That's when it all happened.”
This seems a lot of effort on the criminals’ part, but $300,000 is, sadly, a very good return on the two hours they invested. Scammers frequently try to keep their victims isolated and frightened so no one else can warn them that they’re being scammed.
The very same tactics—slightly modified—are being used in office environments. Combinations of pressure tactics, deception, isolation and tag-teaming are used in CEO Fraud as well.
New-school security awareness training can help your employees in multinational offices recognize the red flags of social engineering and encourage them to seek external advice before giving your organization's confidential information or money to a scammer.
The Straits Times has the story: https://www.straitstimes.com/singapore/courts-crime/woman-loses-300k-to-singtel-customer-service-caller-helping-her-solve-wi-fi
Here's how it works:
