Be careful any suspicious phone call asking for information, which called Social Engineering Attack). Attacker may impersonate others such as internal staff, technical support or government departments etc, to call victim and creating sense of urgency to pressure unsuspecting users into exposing information such as contact numbers, password or giving access to computer/systems etc. Attacker may use the gathered information to carry out further attack in future, so please remind the following items:
- Stay alert if you receive a phone call from someone you do not personally know and asking for information or internal contact numbers.
- Don’t give out any information to unidentified caller.
- Don’t provide your password to others. IT help desk will never ask user to provide password.
- If you believe a phone call is a scam, don’t response to the caller’s request and simply hang up the phone.