Overview

Social engineering is a tactic in which attackers manipulate people into giving up access or sensitive information. In customer support, this can appear as someone pretending to be a legitimate user who is locked out of their account.

This article explains why you may see an impersonation warning and how to handle it.

Why is there a warning on my conversation?

You’ll see a warning on conversations where a lead claims to have the same email address as an existing user in your workspace.

• A Small exclamation mark appears on each message in the lead’s conversation

• The Warning indicates that the person may not actually own the email address they provided

These warnings exist to help you avoid trusting an unverified email address entered in Messenger.

Leads and users can appear with the same email address across different devices. If the system automatically trusted the email address alone, it could allow user spoofing or social engineering attempts.

You should always verify the identity of the person before sharing sensitive information or making account changes.

How does it work?

If there’s an existing user with the email victim@example.com, and a new lead claims to have that same email, a warning will appear on the lead’s conversation.

In this example, there is a legitimate user on the workspace called Dan Fox with the email dan.fox@example.com

Later, an unidentified visitor enters dan.fox@example.com in the Messenger and asks for a password reset. Since there is no proof they own the address, a warning appears on the conversation:

This does not automatically mean the person is an attacker. They may simply be logged out or locked out of their account. However, it could also be an impersonation attempt.

Always verify identity before taking action!

FAQs