Stop believing the social engineering myths

A video named “And all it took was a crying baby and a phone call?…” recently showed how out of touch some of the cybersecurity sub members are, so it’s time to get some things straight: no, it isn’t possible to lock out someone like this with a phone call.

Why exactly tho? Well, there are numerous pitfalls that can easily hard wall all of your attempts no matter how good your speech is.

  1. Customer data protection policy – It’s usually next to impossible to choke anything out of even the lowest help desk, especially in places with strict data protection laws such as Europe. I often run errands for other family members, and multiple times I was denied the simplest information, such as a full name, despite talking face-to-face on site and showing my ID, which had the same surname and home address.

  2. Multi-level help support – Helpdesks often consist of multiple levels. When you call the helpline, you’re starting from the lowest levels, consisting of bots and Joes who don’t have much access and are meant to filter common problems like PEBCAK before redirecting you to the tech support. Usually, tech support is the last step on the ladder, but sometimes there are even more levels before you can get to someone who can actually change account settings like passwords.

  3. Helpline employees – Helpdesk proves the existence of god because the devil is clearly behind its creation. Realize that a lot of employees would be more than happy to hang up on you instead of jumping hops over rules. God forbid if it’s a corporate hell where managers are more than happy to punish everyone for someone’s mistake just to save face.

  4. You won’t know who to call in the first place or what to ask for without a lot of work beforehand. While you can gather basic information easily, finding what service providers, especially the niche ones with poorly trained tech support, would often be problematic.

Of course, there are numerous vulnerabilities to exploit:

  1. Can often be easily bypassed through identity theft
  2. Multi-level help support is there to cut costs. This means that people on the lowest levels are often poorly trained and you could get them to leak something useful
  3. This applies the other way around too. An employee who just wants to get over with the day is more likely to speedrun even the most suspicious requests

Remember that social engineering is ultimately the same art of exploiting as hacking: you need to know your target first and how to approach it in order to succeed. Randomly dropping USB drives won’t catch targets like cybersecurity hotshots, but including it along with photos of a cheating wife will quickly remove all brakes on even the most paranoid people.

submitted by /u/CrystalizerV2

August 31, 2023

FOX Faceoff: Trump mugshot marketing

Donald Trump’s campaign says within a few days of his surrender in Georgia they made more than $7 million thanks to his mugshot. The campaign also released a new line of merchandise featuring the image. Charles Adams and Quannell X examine the marketin…

August 31, 2023