Call Centers: A Gateway for Social Engineers to Access Your Company's Most Sensitive Information
In its most basic form, social engineering is the act of manipulating someone into doing something they normally would not do. For the authors' purposes, they will consider social engineering the art form of using deception and manipulation to persuade an unsuspecting person to perform actions like divulging confidential information or allowing unauthorized access to sensitive data. The area most susceptible to a successful breach isn't a company's network perimeter or web applications, it is actually customer support. The relatively weak controls applied to a customer support center expose the company's most important assets - reputation, corporate information, and customer data - to extremely high levels of risk.