IT Baseline Protection Manual

T 3.45 Inadequate checking of the identity of communication partners

During personal conversations, on the phone or by e-mail, many people are prepared to pass on far more information than they would in writing or in front of a larger audience. Often it is tacitly assumed that the communication partner will treat the content of the conversation or e-mail as confidential. People are also reluctant to ask for a caller's identity, as this may appear impolite. The same considerations deter them from asking the reason for the call or on whose behalf the caller is ringing ("I work for XY Bank and need some detailed information on your income level."). Such behavioural patterns can be exploited through "social engineering" (see also T 5.42 Social engineering).

Example:

There are many known cases in which journalists have phoned important people while pretending to be other important people. In this way they have succeeded in obtaining information from celebrities or public figures that was not intended for the public. This has proved particularly explosive where the information was broadcast live on the radio, so that publication could not be reversed.


© Copyright by
Bundesamt für Sicherheit in der Informationstechnik
last update:
October 2000