Social Engineering can be described as a set of tactics utilized by cybercriminals to obtain information or funds from a user, often through email as the most common form. Two of the most popular types of Social Engineering are known as Phishing and Pretexting. In this post for our blog series we will focus on these two tactics used by hackers online.
Phishing vs. Pretexting
You’ve most likely heard of Phishing emails before and know the basics of what to look out for in an email to help you tell if it is a scam such as spelling mistakes and threats of closing accounts or charges if certain demands are not met. What about Pretexting though? While Phishing emails often rely on fear and aggressive language in emails, Pretexting is a different form of Phishing in which the hacker works to gain the trust of the user in order to gain the information and/or financial goal they want. Often posing as external IT services auditors or even a security staff member of your company. Pretexting can still be considered a Phishing email, but it is often much harder to detect as the hacker’s goal is make a convincing story and believable identity for you to entrust critical information to.
What do I do?
It is because of these threatening and seemingly “trusting” tactics that it is always best practice to never send personal information through email to anyone. A legitimate organization will never ask for account or private information over email, as it is not a secure line of communication to exchange sensitive data. If you can’t tell if the sender is legit or a scammer through the email then without responding to the email or clicking on any links within the email you can directly call the company they are claiming to be and question whether or not the email was truly from them or not. Also doing a little bit of research into the company they are “representing” can go a long way into helping you see if they are telling the truth or not as well.
Phishing and Pretexting emails are only two of the five different types of Social engineering that are out there in the world. With this series of blog posts going over these cybercriminal tactics we here at RCS hope to better prepare more users as hackers become an increasingly more aggressive threat online. For even more information or to have any questions answered feel free to give us a call for a free consultation with one of our certified technicians at 909 • 949 •9159.
By Resource Computer Solutions