OmeTV Pretexting Phishing Attacks: A Case Study of Social Engineering

Abstract

One of the most common types of social engineering attacks is phishing. This technique uses psychological manipulation of the target to unknowingly hand over the information the attacker wants. Our research tries to find out how a phishing attack can be executed by first pretexting the OmeTV video chat application. The target of our attack is OmeTV players from Indonesia who are over 18 years old. The proposed attack methodology is Social Engineering Session (SES). This study also aims to provide an overview of what kind of information can be extracted from the target during an attack. The results show that the pretexting phishing attack on the OmeTV video chat application was successfully carried out to obtain some of the target’s personal information including: full name, date of birth or age, address, educational status, hobbies, Instagram account, and phone number.