Pretexting is when scammers gain access to sensitive data and personal accounts under false pretexts. They often contact their victims via phone calls, emails, and texts and work to gain their trust in order to get them to hand over private information.
Social engineering is the act of deceiving or manipulating people into giving up confidential information. Thus, pretexting is a form of social engineering employed by scammers to obtain personal information for fraudulent reasons, such as to commit identity theft.
Pretexting is a big concern in the cyber security industry because scammers often favor digital means of communication, such as email, to lure their victims in.
A common technique online scammers use to pretext is to send phishing emails, which we’ll go into a bit more detail about further down the page.
In a voice call pretexting attack, the scammers call you up and pretend to represent some sort of legitimate company that needs some of your information under some false pretext.
For example, they might pretend to be a survey company and ask you for seemingly harmless details, such as the name of your children or pets.
Well, they can use it to try to hack into your accounts or because they know many people use names of people or animals close to them as passwords. Or, they might try to call your financial institution and pretend to be you to gain access to your bank accounts.
Pretexters can also sell whatever information they get from you to identity thieves, or perpetrate identity theft themselves. This type of voice call pretexting attack is also known as vishing.
Text pretexting attacks work the same way as phone pretexting attacks, but the scammers send you text messages to try and get private information out of you under false pretexts.
For example, they might send you a text claiming to be from your bank and ask you for your credit card or bank account number.
There was a case in 2006 that brought pretexting into the spotlight. HP’s high-up management wanted to check if board members had been leaking confidential information to the press, so they hired a private investigator to get their phone records.
The private investigator used identity theft pretexting techniques to obtain board members’ personal data, such as social security numbers. He then used this information to impersonate them when talking to their phone companies in order to get access to their phone records.
This is just one well-known example of the type of identity theft pretexting attacks that happen every day.t
As we mentioned a little earlier, a common way pretext attacks work online is through phishing emails. This is when the scammers send emails that appear to be from legitimate companies you use and try to trick you into giving up account information or other sensitive data.
For instance, they might send you an email that looks like it’s from Amazon and claim that there is some type of problem with your account. They’ll ask that you provide your username and password to troubleshoot the problem, which they will then use to enter your account and steal other information, like your credit card info that’s stored there.
No matter what their pretexts are, you should never give out private information over the phone or via text or email if someone contacts you out of the blue. It’s okay to do so if you call your bank or another company you use services from, but never trust anyone who contacts you in an unsolicited manner.
Remember when we said that pretext attackers often phish for information like your children’s or pet’s names to try and impersonate you or hack into your accounts?
Well, this is why you should always use complex, non-personal login passwords — this goes for verbal keywords for things like bank accounts, too. Add numbers and special characters to random words to ensure secure passwords.
If anyone ever contacts you claiming to be from your bank, politely decline any requests for information they have. Then, call your bank directly and ask if there is some kind of real issue they are contacting you about. To be even more safe, you can always go to your bank in person and deal with any issues that way.
The number one way to avoid pretexting attacks and other scams is to always be wary and err on the side of caution. It’s far better to be paranoid and overly careful than to let your guard down and get your identity stolen or wake up to find out your bank account has been drained.
The fund recovery process can be a lengthy one and requires perseverance. Therefore it is vital that our clients are ready for it and trust us every step of the way. So if for any reason you are doubtful, you can ask for a full refund within the first 14 business days of the process.**Read Terms & Conditions
Disclaimer: Payback Ltd offers each new client a free consultation. Funds Recovery or other services that will be subsequently commissioned will incur fees and/or commissions, based on the service and the complexity of each individual case. Payback Ltd doesn’t offer any investments, financial services, or advice.
At Payback we do not initiate calls without request. We only call clients that reached out to us.
The Company cannot accept prohibited payment methods.
Every payment received by the company is secure under the PCI-DSS protocol.
All entered data will be lost