Dictionary
min read

Pretexting

Pretexting is social engineering where the attacker creates a false story to obtain sensitive information

What is pretexting?

Pretexting is a form of social engineering where an attacker creates a false story or scenario to trick the victim into revealing sensitive information. The attacker often poses as an authority figure, such as a bank representative or IT support, to build trust and gain access to confidential data.

Attackers often conduct thorough research before the attack to make it more targeted towards specific individuals. The pretexting in the attack can appear as genuine communication from others within your company.

How can you avoid pretexting?

  • Be skeptical: If someone calls claiming to be from your bank and asks for account information, ask questions and be critical of why they need this information. Do not give out details unless you are sure they are legitimate.

  • Verify identity: If you receive an email from someone claiming to be from the IT department asking for your password, call the IT department directly using a known number to verify the request.

  • Do not trust unexpected requests: If you receive a message saying you have won a prize and are asked for personal information to receive it, be cautious. Check the sender’s legitimacy before giving out information.

  • Use multi-factor authentication: If someone tries to access your account by posing as you, multi-factor authentication will require an extra verification that only you have access to, making it harder for the attacker.

  • Stay updated: Be aware of the latest methods attackers use in pretexting. For example, if you know there is an increase in fake technical support calls, you will be more prepared to recognize and avoid such attempts.

Sicra and pretexting

Sicra is ready with technical support and security consulting to help you resist and get assistance if you have been subjected to pretexting. Our CISO-for-hire and security team are ready to help if there is a security incident in your company.

Services:

Read about our "CISO-for-Hire" service here >

Read about "security training" here >

Read about "multi-factor authentication" here >

Related terms: Social engineering, Phishing, CISO-for-hire.

 

Need Assistance?

We are happy to have a non-binding conversation.
Contact us

Tailored cybersecurity for institutions and enterprises that allows for innovation, growth, and fearless performance.

Get in touchCall us +47 648 08 488