The attacker succeeded in their effort by providing the representative with a fake address: a nearby hotel’s address that Eric had used to set up some domains, knowing that the WHOIS information would eventually become public. The phony customer then pressed the customer representative for more information and was quickly told the real address and phone number of Eric, as well as the balance of any gift cards on the account. Eric was shocked: But the social engineering attacks did not stop there. By this point, Eric had had enough, so he removed his address from his account. As of now, this story serves as a great wake-up call that even the best passwords and most carefully plotted online lives aren’t protected from a really shrewd and determined social engineer.
