CDoug

Category: Safety

Published: 08 June 2026

Read Time: 1 min

Hits: 12

🚨 One Time Pass-Code - Incident Overview 🚨

Our company was recently targeted by a sophisticated, multi-stage social engineering scam.

📱 An attacker called our office pretending to be from The Home Depot Credit Center. They used 🎭 caller ID spoofing to mask their actual number and display the legitimate Home Depot support line.

The Scammer’s Tactics 🪤

• 🚨 Fabricated Emergencies: The caller claimed an unauthorized person was currently attempting a massive transaction (over $2,000) on our corporate account.
• 🔑 Credential Harvest Attempts: After creating panic, the scammer triggered an official corporate password reset or login request to our company email.
• 📳 The Trap: The caller aggressively demanded the One-Time Passcode (OTP) sent to our inbox to "verify identity" and "cancel the transaction.

Critical Security Reminders 🛑

Due to fast thinking by management, no data or funds were compromised. 🔐

However, please review and memorize these strict operational security protocols immediately:

• 🚫 Never Share One-Time Passcodes: No legitimate company, bank, or vendor will ever call or text you to request a verification code or OTP. These codes are strictly for your own manual login inputs.
• 🎭 Caller ID is Easily Faked: Never trust the name or phone number displayed on your phone screen. Attackers can effortlessly mirror any trusted vendor phone numbers.
• ☎️ Verify Externally: If a vendor calls regarding fraud, immediately hang up. Locate the official customer service number independently from the vendor’s public website or the back of a physical corporate card, and dial back yourself.

Immediate Action Required 📣

If you receive any suspicious calls matching this description, refuse to provide any information, hang up immediately, and report the incident directly to management.

Thank you for your continued vigilance in keeping our company secure.