- Dec 30, 2012
- 4,809
Live chat has become ubiquitous as a sales and support tool for software as a service (SaaS) or cloud based services. Entire businesses have been built around providing live chat, such as Olark (which my company uses) or Intercom. As the CEO and founder of a SaaS business (Sendwithus.com), I had very little question about if we should support live chat; it was just a question of how to offer live chat to our customers.
Like many enterprise platforms, we support adding multiple team members on an account and setting up user permissions like an account administrator. Early last year we were lucky enough to catch an attacker attempting to social engineer our live chat operator and gain access to a Fortune 1000 customer’s account. I say we were lucky because our typical attitude to support is customer focused, always looking to go the extra mile for a customer. I can imagine that, without certain conditions being met, we could have missed this.
For the uninitiated, social engineering is a form of fraud computer hackers often employ to gain access to information or systems by manipulating employees at their target company. An example of this is the 2013 credit card theft from retail mega chain Target.
In our case, the chat session started innocuously enough:
Further reading
Like many enterprise platforms, we support adding multiple team members on an account and setting up user permissions like an account administrator. Early last year we were lucky enough to catch an attacker attempting to social engineer our live chat operator and gain access to a Fortune 1000 customer’s account. I say we were lucky because our typical attitude to support is customer focused, always looking to go the extra mile for a customer. I can imagine that, without certain conditions being met, we could have missed this.
For the uninitiated, social engineering is a form of fraud computer hackers often employ to gain access to information or systems by manipulating employees at their target company. An example of this is the 2013 credit card theft from retail mega chain Target.
In our case, the chat session started innocuously enough:
Further reading