Thursday, March 31, 2005

An example of social engineering

A marketing guy tries to cold call an important executive of a particular company. As soon as the executive sees the un-recognized number, he lets the call goto the voicemail. If you were the marketing guy, how would you social engineer your way to the executive?

Now as you know, phone numbers in a company are always assigned in a particular series. I'd call up one of the other number in the series (not the executive's number). My conversation would go on something like this:

Bob: (who picked up the phone): Hi, this is Bob.
Me: Bob? (acting surprised). Oh, seems that I have reached the wrong number. I am a friend of <enter executive's name> and was trying to reach him. Could you do me a favor and transfer me over to him?
Bob: Sure

Bob dials the extension of the executive to transfer the call. The executive sees an internal extension number on his phone and picks it up. Marketing guy connected to the executive. Now whether the marketing guy has the ability to hold onto the executive attention, is altogether a different story.

btw, if I was Bob (the guy who picked up the phone), I'd politely tell the other guy that I am transferring him to the receptionist. I'll let the receptionist do the 'background check' before deciding how to deal with the call.

