Table of contents
- Pretexting definition
- Pretexting meaning: a short explanation
- Social engineering methods in pretexting
- Vishing and smishing
- How to stop pretexting
- How to prevent pretexting
- Examples of pretexting attacks
- Hewlett-Packard scandal (2016)
- Ubiquiti (2015)
- MacEwan University (2017)
What is pretexting?
Pretexting is a cyberattack that uses a convincing story or disguise to trick a victim into revealing sensitive information or performing certain actions. Often, a pretext attacker will research their victims to craft their stories and impersonate someone the victim trusts, like a coworker, IT technician, or customer service representative.
With a victim’s trust, a pretexting attacker can request passwords, account numbers, social security numbers, or other confidential data. Or the victim can be convinced to transfer funds, grant access to secure systems, or unwittingly install malware.
A pretexting attack can occur through various means of communication, including phone calls, emails, SMS, and even in-person communication. These attacks fall under the larger umbrella of social engineering scams, where an attacker exploits the victims’ psychology, trust, and desire to be helpful or comply with an authority figure.
Pretexting meaning: a short explanation
Pretexting is a social engineering attack that uses a fake story to trick a victim into revealing sensitive data or performing an action. Attackers impersonate trustworthy figures and manipulate their victims with convincing scenarios that urge them to act quickly, against their better judgment. Pretexting can occur through calls, messages, or in-person communication.
Social engineering methods in pretexting
Pretexting is a form of social engineering, which involves manipulating a victim’s psychology and using well-researched lies. Social engineering scams can take many forms. Let’s delve deeper into the most common ones:
Impersonation occurs when an attacker deceives a victim by impersonating a trusted individual or authority figure. Impersonators can pretend to be a coworker, a law enforcement officer, an IT professional, a business executive, or anyone else who may sway the victim to comply. An impersonator may do a lot of research into their “role” to create a convincing masquerade.
Phishing involves sending victims deceptive emails, messages, or websites that mimic legitimate ones to trick victims into revealing sensitive information like login credentials or credit card numbers.
Vishing and smishing
Vishing (voice phishing) uses voice communication, such as phone calls and voice messages, to fool victims into revealing sensitive information. Smishing (SMS phishing) attacks trick their victims using SMS text messages to impersonate legitimate sources like a bank or government agency.
In the context of cybersecurity, tailgating involves an attacker gaining access to a restricted system or network by closely following behind someone who has authorized access. An example would be an attacker peering over the shoulder of someone entering login credentials, then using those same credentials to gain access.
Similar to tailgating, piggybacking is a broader term that involves an attacker gaining unauthorized access to a system or network with the use of a victim’s credentials or access. Tailgating is a form of piggybacking. Other examples include a victim willingly sharing the credentials or an attacker stealing them.
Baiting involves offering up a reward or something enticing to an individual in exchange for personal information or performing certain actions. The “bait” is designed to stoke curiosity, greed, or the desire to help. An example would be leaving a malware-ridden flash drive labeled “confidential” for a victim to find and open on their device.
Scareware can be malware or a deceptive tactic that aims to scare victims into taking certain actions—using false or exaggerated warnings or alerts about potential “threats” to their personal data or device. The aim is to trick panicked victims into downloading fake security software, giving up personal data, or downloading malware to make the “threat” go away.
How to stop pretexting
Pretexting and other social engineering attacks can be highly deceptive, so they can go completely unnoticed. If you suspect you’ve fallen victim to a pretexting ploy, it’s crucial that you act quickly to mitigate the damages.
Here’s how to stop pretexting:
- Stay calm and don’t give away any information: Pretexting ploys rely on a sense of urgency. Do not rush into meeting the demands or requests of an attacker—and definitely do not reveal any sensitive information.
- Document the attack: Take screenshots of all communication and record the dates and times of a pretext-calling attack. All of this evidence can be used to potentially catch the assailant.
- Change all your passwords and login credentials: Even if a pretexting attack targeted a specific network, profile, or other point of entry, chances are the attacker gained more information for unauthorized access elsewhere.
- Contact the proper authorities: In most jurisdictions, it’s illegal to attempt to gain private information under false pretenses. And in many cases, pretexting can constitute identity theft, which is illegal. If you’ve fallen victim, local or governmental authorities can help you deal with the situation and, perhaps, catch the culprit.
How to prevent pretexting
Preventing a pretexting attack is better than stopping one that’s already underway. By the time you realize you’ve been targeted, it might be too late to stop an attacker from gaining unauthorized access to your system. Avoiding pretexting altogether ensures your utmost cybersafety.
Here’s how to prevent pretexting:
- Awareness and training: Invest time for yourself and your employees to learn what cyber security is and why it is important. This essential knowledge can help you and others to recognize the signs of pretexting and to be cautious when revealing sensitive information.
- Verify requests: If you get requests for information, independently verify the person who is requesting the information. If you have employees, inform them of the heads of your departments in case an attacker is impersonating them.
- Use multi-factor authentication: If you have the option, all your accounts should be protected with two-factor authentication. So even if an attacker manages to gain a password, they will still be locked out of the account or network without the second form of authentication.
- Update software and systems: Software and system updates can address known security vulnerabilities that attackers can use to gain unauthorized access. Updates ensure that they can’t exploit these vulnerabilities.
- Cybersecurity software: A dedicated security app, like Clario’s AntiSpy, can detect and stop attackers in their tracks before they do any damage to you and your device.
Clario’s AntiSpy features a suite of powerful security tools that work in synergy to protect all your devices and data from spying. It features data breach detection tools, antivirus scans for malware, and safe browsing to block ads and trackers. Clario AntiSpy works on mobile (iOS, Android) and desktop (Windows, Mac).
Ensure safe browsing for you and your family by using Clario’s protection:
1. Download Clario AntiSpy and choose a subscription to create an account
2. On the dashboard, click Safe browsing and Install the Clario Chrome extension
3. Add your Clario Secure Browsing extension to Chrome
Enjoy four pillars of safe browsing: web security, anti-malware protection, ad blocker, and anti-tracking capabilities.
Examples of pretexting attacks
Even prominent organizations and individuals have fallen victim to pretexting attacks. Let’s take a look at some of the most notorious examples in recent history:
Hewlett-Packard scandal (2016)
The prominent tech company Hewlett-Packard (HP) was embroiled in a scandal involving pretexting when it tried to find out who in the company was leaking information to journalists. HP provided private investigators with employees’ personal info, so they could impersonate those employees in order to obtain call records from their phone companies.
Once the scheme was discovered, the CEO resigned, and the scandal resulted in criminal charges, congressional hearings, and lasting reputational damage.
Ubiquiti (2015)
The network firm Ubiquiti was robbed of $47 million by a hacker using a pretexting ploy. The hacker sent fake company emails impersonating senior executives, which tricked employees into giving away account numbers, usernames, and passwords. From there, the hacker was able to transfer funds from Ubiquiti’s account to various overseas accounts.
MacEwan University (2017)
MacEwan University in Canada fell victim to a scam involving pretexting when scammers, posing as a construction vendor, convinced staff to transfer three payments (CA$11.8 million in total) to a fraudulent account. The scammers successfully impersonated 14 construction firms in the Edmonton area.
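The Ubiquiti and MacEwan cases both relied on email that impersonated a trusted executive or vendor, which is where the "Verify requests" advice applies. The following is an added example, not part of the original article or any product it mentions: a small header check that flags messages to verify through a separate channel before acting. The domain, names, and keyword list are constructed assumptions.

```python
import difflib
from email import message_from_string
from email.utils import parseaddr

# Assumed, constructed values: replace with your own directory data.
TRUSTED_DOMAINS = {"example-corp.com"}
PROTECTED_NAMES = {"dana whitfield", "accounts payable"}
SENSITIVE_TERMS = ("wire", "bank account", "password", "invoice", "urgent")

def domain_of(header_value):
    """Return the lower-cased domain of an address header, or ''."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def is_lookalike(domain):
    """True if domain is close to, but not equal to, a trusted domain."""
    return any(
        domain != t and difflib.SequenceMatcher(None, domain, t).ratio() >= 0.85
        for t in TRUSTED_DOMAINS
    )

def pretext_indicators(raw_email):
    """List the reasons a message should be verified out of band."""
    msg = message_from_string(raw_email)
    name, _ = parseaddr(msg.get("From", ""))
    sender, reply = domain_of(msg.get("From")), domain_of(msg.get("Reply-To"))
    text = (msg.get("Subject", "") + " " + str(msg.get_payload())).lower()
    found = []
    if name.strip().lower() in PROTECTED_NAMES and sender not in TRUSTED_DOMAINS:
        found.append("protected name from untrusted domain")
    if is_lookalike(sender):
        found.append("lookalike sender domain")
    if reply and reply != sender:
        found.append("reply-to differs from sender")
    if found and any(term in text for term in SENSITIVE_TERMS):
        found.append("sensitive request")
    return found

# Constructed sample message (not a real email).
SAMPLE = """From: "Dana Whitfield" <dana.whitfield@examp1e-corp.com>
Reply-To: dana.whitfield@mail-relay.example
Subject: Urgent wire needed today

Please send the bank account change through before 3pm.
"""

if __name__ == "__main__":
    for reason in pretext_indicators(SAMPLE):
        print("verify out of band:", reason)
```

An empty result does not prove a message is genuine; a compromised real mailbox passes every one of these checks, so payment and credential requests still need a call-back to a number you already have on file.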
Pretexting can take many different forms. And often, you might not even know you’ve been targeted—until it’s too late. Rather than clean up the mess of a pretexting attack, it’s better to take steps to steer clear of an attack altogether. Clario’s AntiSpy is created by cybersecurity experts to detect and combat all sorts of digital spying and stalking.
Our dedicated online security app is designed to protect your calls, messages, location, contact list, photos and videos, and more from unauthorized access. The iOS and Android versions will scan and monitor your online accounts for data breaches, plus they feature anti-spy protection to reduce threats. Try Clario’s AntiSpy now for iOS, Android, Mac, and Windows devices.