The way pretexting works is the “bad actor” uses a variety of tactics to get personal information. For example, a pre-texter may call and claim he's from a survey firm and ask you a few questions. When the pre-texter has the information he wants, he uses it to call companies with whom you do business.
He pretends to be you or someone with authorized access to your account. He might claim that he's forgotten his account number or needs information about his account history. It’s no secret that hackers use their technical expertise to attack computer systems and compromise sensitive data.
This type of malicious cyber hacking makes news all the time. However, a social engineering attacker uses different tactics to skirt security protocols, often exploiting one weakness that is found in every company, humans. In other words, using phone calls and other means of communication, these hackers trick people into handing over sensitive information.
Social engineering is a term that encompasses a broad spectrum of malicious activity so I want to share with you the top three methods of social engineering that attacks people and companies, focusing on human errors to give them the information they want.
This form of social engineering focuses on creating a good pretext or fake scenario, where the bad guy tries to steal the victims’ personal information.
In these types of attacks, the scammer usually says they need certain bits of information from their target to confirm their identity. In actuality, they steal that data and use it to commit identity theft or to stage another attack.
The goal of a pre-texting attack is to build a false sense of trust with the victim. This method requires the attacker to build a credible story that leaves little room for doubt on the part of their target.
The best way to avoid this is to always verify who is calling you and asking for detailed information. As always, please contact the Transylvania County Sheriff’s Office with questions or concerns