You are a call center agent who takes tech support calls for a mid-sized bank. Your job is to help banking customers gain access to their mobile banking who have been locked out of their account after several failed password attempts.
You are a call center agent who takes tech support calls for a mid-sized bank. Your job is to help banking customers gain access to their mobile banking who have been locked out of their account after several failed password attempts.
You can try up to three different troubleshooting attempts to help the customer. After each (possibly) failed attempt, you have the option of immediately transferring the call to Level 2 Tech Support. At the beginning of every call, you first unlock the customers’ account and ask them to re-enter their username and password. This takes 3 minutes and succeeds 30% of the time. If this attempt fails to get the customer mobile banking access, you must make a decision.
You may transfer the call or you may email the caller a temporary password to see whether the customer is able to gain access. Resetting the password takes 2 minutes and succeeds 50% of the time. If this attempt fails, you again have a decision.
You may transfer the call or you may remote login to the customer’s computer and do further troubleshooting (clear cache and cookies, check for browser compatibility). This further troubleshooting takes 10 minutes and succeeds 100% of the time.
The call center management has a unique compensation scheme. Rather than being paid an hourly wage, you are paid/charged based solely on performance. Specifically, each time you successfully help a customer gain access, you receive $2.00 and each time you transfer you are charged $0.40.
To simplify things, let’s suppose that you’re choosing between three different policies where you follow the same decision-making strategy each call (this means that we only have to examine the problem for one call since you’re following the same strategy every call):
– Policy 1) only try attempt 1; transfer if attempt 1 fails
– Policy 2) try up to the first two attempts, transfer if attempt 2 fails
– Policy 3) try up to all three attempts.
Answer the following questions:
a) Which policy maximizes your expected profit per call? What is the expected profit per call (in dollars) under this policy? (3 points)
b) Which policy minimizes your expected time spent handling each call? What is the expected time (in minutes) spent handling each call under this policy? (3 points)
c) Which policy maximizes your expected profit per unit time? What is the profit per unit time you earn per hour under this policy? (4 points)
discuss how to prevent the most common social engineering attacks.
Social engineering attacks are not only becoming more common against enterprises and SMBs, but they’re also increasingly sophisticated. With hackers devising ever-more clever methods for fooling employees and individuals into handing over valuable company data, enterprises must use due diligence in an effort to stay two steps ahead of cyber criminals.
Social engineering attacks typically involve some form of psychological manipulation, fooling otherwise unsuspecting users or employees into handing over confidential or sensitive data. Commonly, social engineering involves email or other communication that invokes urgency, fear, or similar emotions in the victim, leading the victim to promptly reveal sensitive information, click a malicious link, or open a malicious file. Because social engineering involves a human element, preventing these attacks can be tricky for enterprises.
Read more about social engineering attacks in our article on social engineering.
We wanted to educate companies, employees, and end users on how to better recognize social engineering efforts and prevent these attacks from succeeding. To uncover some of the most common social engineering attacks being used against modern enterprises and get tips on how to avoid them, we asked a panel of data security experts and business leaders to answer the following question: