September 25, 2012 by Carsen
Have you been a victim of pretexting?
Consider this situation, which would fall under pretexting, another form of social engineering. In this situation, the attacker has some prior knowledge about you that makes you believe the situation. Suppose you receive a call from a claimed representative of your bank and this person is asking for specific information in regards to your business account. The individual knows your name, your position in the company and your last bill amount, but the caller needs to verify your account number because the person believes unauthorized activity has taken place. In order to confirm your access, the account number is needed.
Don’t fall victim to this trap. Here are a few ways to stay protected.
While banks do send out alerts when they notice unusual activity, you shouldn’t confirm information unless you are absolutely sure this person is legitimate. What you should do is, thank the individual for alerting you and mention that you will follow-up right away with your usual contact there. Do not offer any information right away. Call the official number of the bank to ensure this call is from your bank. Alert your contact there that you received an alert and verify the situation.
Be certain when you receive a call from an individual requesting any form of private personal or organizational information, you verify the sources, even if you initially believe it to be legitimate. It is better to be safe than sorry.