[NTLUG:Discuss] Social Engineering Attempt
Courtney Grimland
courtney at grimland.net
Fri Feb 4 16:23:33 CST 2005
brad angelcyk wrote:
>Robert: This (setting up sudo) should be a guideline for system
>administration. The root account should be accessed by as few people
>as possible. I used to work at an ISP, and the retention of our tech
>support employees was horrible. I wouldn't have trusted any of them
>with root access.
>
>Courtney: I'd call the company in Canada and see who they are.
>
They are a computer game developer in Vancouver, according to their
website. My guess would be that the CallerID info was spoofed.
Also, The mail server in question is at a hosting service, so we don't
have access to anything but the user setup via web browser. And being a
part-time support monkey/developer/student, I don't even have access to
that. It made me laugh when he tried to convince me that he was some
kind of field tech for us, since we're only a 6-person company and I've
been here longer than anyone but the owner. He spoke very fast and with
a heavy foriegn accent, like he was trying to confuse the information
out of me. After he told me that he worked for us, I realized what was
happening and asked him who he really was. That's when I heard a series
of 5-6 touchtone sounds (too fast to have been done manually) and then
CLICK - he hung up. It totally caught me off-guard (the call came right
after I got in this morning), or else I would have recorded the call and
played along with him just for fun. Oh well.
More information about the Discuss
mailing list