A Study of the Different Types of Social Engineering Attacks Against Customer Support of Mobile Service Providers in Mumbai

Abstract

Background Attacks that involve social engineering have become a significant cybersecurity concern, particularly in the customer support sector of mobile service providers. Unlike traditional cyberattacks that exploit software vulnerabilities, social engineering manipulates human psychology to deceive individuals into revealing sensitive information or performing unauthorized actions. This study explores the various types of social engineering attacks affecting support staff in Mumbai’s telecom sector, focusing on techniques such as pretexting, phishing, baiting, and impersonation. Methods This study uses a quantitative research methodology based on survey data to thoroughly examine social engineering attacks directed at Mumbai-based mobile service providers' customer support representatives. The research design is based on objective collection of data and statistical analysis for meaningful deductions relating to patterns in attacks, targeted job roles of the employees, and the efficacy of implemented security measures. Results The study's findings indicate that attackers often exploit employees' lack of cybersecurity awareness, reliance on scripted procedures, and pressure to provide quick resolutions, making them susceptible to deception. Additionally, the research revealed that stronger security measures and employee training programs can significantly reduce the success of the attacks.
Examination and Conclusion The study concludes with strategic recommendations for mobile service providers, including enhanced employee training programs, stricter identity verification protocols, and AI-driven fraud detection systems to combat evolving threats. Moreover, the research discusses the role of regulatory frameworks and compliance policies in strengthening cybersecurity defenses. By addressing these vulnerabilities, telecom companies can significantly reduce the risk of attacks based on social engineering and protect both customer data and corporate integrity. This research contributes to the field of cybersecurity by providing actionable insights for industry stakeholders and policymakers