Breaking Down the Employee Impersonation Phone Scam
Mike Yang
November 17, 2015 (UPDATED ON October 31, 2025)
2 minutes read time
The first step in protecting against phone scams is understanding how they work. That’s why in this series, we’re breaking down some of the newest and most popular phone scams circulating among businesses and consumers.
The Scam
You’re a call center representative for major telecommunications carrier. Days are pretty easy, you help customers troubleshoot problems and use KBAs to help identify customers to help them. Sometime in the afternoon you get a call from one of your co-workers who is having a technical issue. No worries, this sort of thing happens all the time. After verifying that he had his employee ID number, you help your fellow call center rep get an account number, PIN, email address, and other information to fix the issue. You pack your things up, turn off your computer, and head off. Another day’s work complete.
Here’s What Really Happened
Little did you know that co-worker of yours wasn’t actually an employee, he was a high school hacker, and that information you helped get belonged to a minor internet celebrity. From there the hacker got access to the victim’s email account and found numerous documents, including personal emails, contact lists, phone logs, and even social security numbers. So how did this happen?
Social Engineering
The high schooler was able to trick several call center representatives into divulging sensitive information all by finding the victim’s phone number online and locating the provider associated with that number. He was able to pass several knowledge based authentication questions (KBAs) just by looking on the Internet.
Reconnaissance
The caller knew that you would need his employee ID number to get him the information he needed. That means he’d already done his research, making test calls, or searching online, to learn what format to make his own fake id number believable.
Cross-Enterprise Attacks
Wait – who got attacked here? You gave out the information, but the fraudster was actually hacking into an account at an entirely different company.
Related research + insights
Access expert research, detailed guides, and practical resources on voice security to strengthen your contact center’s defenses.
One Year Later: Michigan State University Federal Credit Union Minimizes Fraud Exposure by Millions
December 1, 20257 minutes read time
From Limitation to Exploitation: Tackling Deepfake Audio Risks in Voice Security
October 20, 20252 minutes read time
