Author Topic: "New FCC regulation"  (Read 1889 times)

Offline Derek Xero

  • Junior Phone Loser
  • **
  • Posts: 25
  • 1337 13V3L: +2/-1
"New FCC regulation"
« on: April 10, 2009, 07:30:54 PM »
In my recent attempts to social engineer information from wireless companies, I've been asked to supply a 4 digit account password. According to a verizon/page plus customer service representative, the FCC is requiring this code to be supplied before any account information is given whatsoever. This doesn't make social engineering impossible, just harder and incredibly tedious for those like me who are relatively new to it. The passcode is even required for supposed employees from other departments. Can anyone offer insight into this?

Offline rbcp

  • Head Custodian
  • Administrator
  • Ninja Phone Loser
  • *****
  • Posts: 5259
  • 1337 13V3L: +454/-81
  • I'm not stupid! I'm not stupid! Hematology!
    • Homepage
Re: "New FCC regulation"
« Reply #1 on: April 10, 2009, 08:32:31 PM »
It's harder now than it was just a couple years ago, but it's still relatively easy as long as you're pretending to be an employee.  Just keep trying and you'll end up with one who doesn't ask for their password.  Pretending to be the customer sucks, especially compared to 10 years ago.  Customers are stupid, though, and will forget their passwords so they'll need another way to verify themselves.  A lot of times it's a personal question, like "What was your favorite teacher."  But what do they do if that's wrong too?  Seems like they'd be forced to revert back to asking you for your SSN or DOB or other things.

Guess they could offer to send the secret code to their phone's handset, but you could counter that with something like, "I lost my phone's handset and that's the reason I'm calling in."  You could even add to that, that that's where you store your secret codes and passwords on your phone.  Why don't you know who your favorite teacher was?  Because you're an avid blogger and all your readers know who your favorite teacher was.

Did you see how I used 3 that's in a row in that one sentence?  Holy crap, I am awesome!

Offline Derek Xero

  • Junior Phone Loser
  • **
  • Posts: 25
  • 1337 13V3L: +2/-1
Re: "New FCC regulation"
« Reply #2 on: April 11, 2009, 11:44:13 AM »
It's harder now than it was just a couple years ago, but it's still relatively easy as long as you're pretending to be an employee.  Just keep trying and you'll end up with one who doesn't ask for their password.  Pretending to be the customer sucks, especially compared to 10 years ago.  Customers are stupid, though, and will forget their passwords so they'll need another way to verify themselves.  A lot of times it's a personal question, like "What was your favorite teacher."  But what do they do if that's wrong too?  Seems like they'd be forced to revert back to asking you for your SSN or DOB or other things.

Guess they could offer to send the secret code to their phone's handset, but you could counter that with something like, "I lost my phone's handset and that's the reason I'm calling in."  You could even add to that, that that's where you store your secret codes and passwords on your phone.  Why don't you know who your favorite teacher was?  Because you're an avid blogger and all your readers know who your favorite teacher was.

Did you see how I used 3 that's in a row in that one sentence?  Holy crap, I am awesome!


Thanks man.