Today was interesting.
My mobile banking was suddenly not working and I was quite panicked. I have some sort of strange relationship with banking around here. I don't know why, but over the last 5 years, I have been someone who frequently talks to customer service. So today, I wanted to know what was going on with my mobile banking app. My bank is quite peculiar. They do not reply quickly through the customer service on their website, but they do reply to Twitter DMs and direct calls.
Before calling the bank, I checked on Twitter to see what was going on with it. People normally update their status there and, as I predicted, I was not alone. However, I spotted some Twitter accounts pretending to be customer service. They had the exact logo and the exact writing style, and replied to customers telling them to contact their WhatsApp service. For a second, I believed it because my bank has that service too and I happen not to know their number.
So, I clicked on their WhatsApp number and started typing ....
hey is the app having an issue?
As I waited for an answer, I double-checked the account and I noticed something strange. My mouse hovered over the account and the account had only a few followers. I noticed several other accounts with the same pictures, same name but different usernames. So that was the first red flag.
Then... I got a WhatsApp notification; the other person (allegedly customer service) replied.
HelLo thanks for contacting us.
Their typos were another red flag. Shortly after, they immediately called me. Before picking it up, I noticed that they were not even verified (fake verified); their account was fake verified. I immediately told myself, "Calm down, calm down, this is an attempted hack."
I picked up the call. The voice, tone and language style were different from what I normally hear. I am someone who often talks to customer service and has many relatives working in the banking sector. Their tone, voice, and language style are trained, while this voice I was hearing was not. So, when they attempted to ask me what my problem was,
I told them this:
No, it's fine. It turns out, it was the WIFI. Thanks.
I know how a conversation with customer service normally goes. They'll ask for your personal details and even your mother's name. So before they even got to it, I said calmly once more:
No, thanks. I figured it out. It was the WIFI
The other person replied:
ok then.
Silly me, I should have reported it but I deleted the number right away.
I have never been scammed through social engineering. This was the first time I encountered a case like this. If I lost money, that was my own stupidity for either missing a digit or a memo, or sending it to another account. Today, because I panicked, I lost my sense of awareness.
Perhaps if I had not been memorizing and re-reading Kevin Mitnick's book The Art of Deception all over again, I would not have been aware of this possible situation. So thanks to that book.
You can never protect yourself 100%. What you do is protect yourself as much as possible and mitigate risk to an acceptable degree. You can never remove all risk. - Kevin Mitnick
And Mitnick even said the human factor is a big contributor in attempted hacking, more than the firewalls. So again, when dealing with electronic transactions, remember that we are still the brain and these systems are just tools.