Hey guys,
I apologize for not being very active these last times. I've been working and trying to prepare the amateur radio exam (not sure I'll do it, but I'm preparing it...), so nothing very exciting.
This won't be a technical article, just something that happened to me today. I received an anonymous call at my working place. The guy was a financial advisor who wanted to invest my money. He said that he had contacts within my company and that was the way he got my direct phone call. While speaking a British English, he started to ask me what I was interested in (retirement, etc) and fixed an appointment after asking me a bunch of questions, like my age, if I was single, etc. Actually, I thought it was someone of my company and I trusted him, until he asked me my email address. I gave him my address, but I was puzzled: how cannot he know my email address if he had a contact in my company ? That was weird.
I was really concerned about the privacy issue here. I decided to contact the HR and I explained to them what just happened. I was also pissed off they gave my direct contact to some stranger. It turned out that they were absolutely not aware of this activity and decided to directly contact them and they swore they never told anyone about my private info.
Meanwhile, I was thinking about how they could find me and I figure out they could have used Linkedin. This is the only place where I put real info about myself... and indeed, the company looked at my profile lately. Sounds pretty easy from here, they know where I work, they call the reception, ask for me and TADA, this is it.
I reported the case to the HR who said that they will sue them if another case is registered.
I know that if I'll go to the meeting, I will probably get out with a new insurance or I don't know what, so I decided to reply that "for security reasons, I have to decline the meeting". I'll classify this as social engineering act, and fuck, it worked very well !