Last updated on June 16, 2022
Two-faced people pose a serious risk to society, everyone seems to agree. They are a serious threat to your digital existence as well.
In this case, I am referring to a cyber attacker who employs a method known as “pretexting”.
I will give you a brief overview of pretexting, then we will delve into more detail based on specific examples.
Pretexting is an attack in which the attacker invents and stages a scenario designed to tempt the target into revealing their personal information.
Seems impossible, right? But it actually works for them. Let’s see how they make it happen.
What is pretexting in social engineering?
Pretexting is a social engineering attack that relies on creating a false scenario, or pretext, in order to manipulate the target into disclosing personal or sensitive information.
Pretexts are fabricated scenarios created by cybercriminals in order to steal sensitive information from victims. Pretexting attacks can take many forms, but often involve phone calls or email messages in which the attacker pretends to be a helpful customer service representative.
The goal of pretexting is to obtain sensitive information such as payment details or confidential customer information. In some cases, the attacker may also attempt to change payment details or obtain sensitive information from various bank accounts.
Pretexting attacks are often successful because they exploit natural human tendencies to trust authority figures and to want to help others. Pretexting is also sometimes used by private investigators to obtain telephone records or other sensitive information. In these cases, the investigator may pose as a person of authority or as a helpful customer service representative in order to obtain the desired information.
How Is This Scam Different From Other Scams?
In contrast to most scams, this one relies on a story, or “pretext”, intended to trick the targeted victim into divulging personal information and bank account information.
Pretexting is similar to phishing, but there are some important differences. Phishing attacks tend to be mass emails that are sent to a large number of people in the hope that some will click on a link or open an attachment that will allow the attacker to install malware or steal information. Pretexting is a more targeted attack where the attacker takes the time to learn about their victim and to create a believable cover story. This makes pretexting attacks much more difficult to detect and defend against.
In this scenario, cybercriminals use identity theft techniques and usually present themselves as authority figures who are entitled to collect the data they are after and gain access, or as someone who is qualified to help the victim.
Pretexting: How Does It Work?
In order to carry out a pretexting attack, the attacker first carries out research on the target in order to obtain useful information. This information is then used to create a false relationship with the target, which the attacker uses to trick the victim into disclosing sensitive information.
A threat actor’s primary objective is to win the trust of the targeted entity and use it to earn monetary or other benefits. The attack can be carried out through a phone call or a personal visit to get private information.
Cyber-attackers who use pretexting often pose as employees of financial institutions or human resources personnel. This allows them to target high-ranking employees, such as C-level executives, who have more access to company resources than lower-ranking employees.
In order to accomplish this, threat actors must create a credible narrative that leaves the victim with no suspicions. It’s one of their credibility-gaining techniques.
Pretexting attack examples
In this pretexting technique, an email entitled “Good News” shows up in your inbox. Upon opening it, you discover that it lets you redeem a gift card for free. How cool is that? And what person does not like free things, particularly gift cards?
The email contains a link that asks you to enter your contact information so that the gift card can be sent to you. The information needed is either your first name or last name, and your mailing address. Doesn’t that defy common sense? The question to ask yourself at that point is: wouldn’t the sender already know your information if they say you qualified for a gift card?
In what ways are you qualified? What have you done to achieve this? Did you ever enter a competition? That, my friend, sounds awfully fishy and should put you on alert as soon as you read it.
Someone knocks at your door claiming to be a representative of your internet provider. His claim of coming for a maintenance check could easily trick you. For those who aren’t tech-savvy, having the network maintained simply seems necessary to continue watching Netflix.
It is therefore likely that you will fall for it and let him do his job. In this case, you can ask him why he is making the visit and point out that you weren’t informed beforehand.
You can also go one step further and ask him about your internet package, or ask questions that only someone who works there would be able to answer.
HP Pretexting scandal
One of the most famous examples of pretexting occurred in 2006 when Hewlett-Packard (HP) investigators used false pretenses to gain access to the phone records of journalists and board members in an attempt to identify the source of leaks to the media. This led to a major scandal and several high-profile resignations, including that of HP CEO Mark Hurd.
How to prevent pretexting attacks?
It is important to be aware of pretexting attempts and to take steps to prevent them. For example, you should never give out confidential information to someone who contacts you out of the blue, even if they claim to be from a trusted organization. If you are unsure whether a call or email is legitimate, you can contact the organization directly using a phone number or email address from their website. Be sure to check for the exact domain when verifying email addresses, as phishing attempts often use similar-looking domains.
In addition, you should never change your payment details or disclose sensitive information in response to a phone call or email. If you receive a suspicious call or email, hang up or delete it immediately.
Below are some additional steps you can take to prevent pretexting:
AI-Based Email Analysis
As a preventative measure, companies should take steps to ensure their detection methods are more advanced than conventional ones. Unlike existing spam-blocking and anti-phishing technologies, artificial intelligence (AI) is now being employed to analyze user behavior in order to detect these attempts.
NLP, short for natural language processing, is another technique employed to analyze language and detect phrases related to this attack.
DMARC, short for Domain-based Message Authentication, Reporting, and Conformance, provides the most comprehensive defense against email fraud, but its effectiveness is limited by the ongoing maintenance it requires.
On top of that, DMARC blocks spoofing of the exact domain but does not identify spoofed display names or look-alike domains, which are popular in spear-phishing attacks.
It has become more common for hackers to use these sophisticated approaches, as DMARC has become more effective.
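The two gaps DMARC leaves, a sender name that imitates a trusted person and a domain that merely resembles the real one, can be checked on the From: header itself. The following is an added example, not part of the original article: example.com, the protected names, the substitution table and the edit-distance threshold of 2 are all assumptions chosen for illustration.

```python
from email.utils import parseaddr

# Assumptions for this example: the domain and names an organization protects.
TRUSTED_DOMAINS = {"example.com"}
PROTECTED_NAMES = {"example support", "jane doe"}  # constructed names

# Common visual substitutions seen in look-alike domains.
HOMOGLYPHS = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"))


def skeleton(domain):
    """Collapse visually confusable character sequences to one canonical form."""
    for fake, real in HOMOGLYPHS:
        domain = domain.replace(fake, real)
    return domain


def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender(from_header):
    """Return the findings for one From: header value (empty list = nothing flagged)."""
    name, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()
    if domain in TRUSTED_DOMAINS:
        return []  # exact domain: the case DMARC itself is designed to cover
    findings = []
    for trusted in TRUSTED_DOMAINS:
        if skeleton(domain) == skeleton(trusted) or edit_distance(domain, trusted) <= 2:
            findings.append("lookalike-domain")
            break
    shown = " ".join(name.lower().split())
    # A protected name, or a trusted domain typed into the name field, on a foreign domain.
    if shown in PROTECTED_NAMES or any(t in shown for t in TRUSTED_DOMAINS):
        findings.append("display-name-spoof")
    return findings
```

A message from the exact trusted domain still needs its DMARC result checked separately; this function only covers the cases DMARC does not.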
Finally, bring examples of genuine incidents to the attention of your users so they can learn which identification techniques to use to identify attacks such as these.
The reason that this scam works so well is that users are unaware of the tricks discussed above, and they are not aware that anything is amiss.