Getting protected against pretexting

Pretexting: how it works and how to protect against it

It's harder for me to order a pizza than it is to gain access to your personal information.

When I order pizza, I am always asked for my phone number. On occasion, restaurants have also called me back before sending the order. We all know why they do this, to ensure that they are not being victimized by pranksters. So, it certainly makes one wonder why it seems so easy to gain personal information from corporate call centers using what we call "pretexting".

This is a term that has been in the news a lot this week due to the scandal involving attempts by Hewlett-Packard to ferret out a leak on their board of directors. HP investigators allegedly used false pretenses to fool call center agents and gain access to phone records which included those of nine reporters. Investigators, con artists and hackers have been using the technique known as "social engineering" for years to obtain private and personal information.

If you've ever seen The Rockford Files on TV, then you have seen pretexting in action. In that show, Jim and his lackey, Angel, used social engineering again and again. It's easy enough to dismiss the ease with which he managed to get sensitive and confidential information out of people as Hollywood fantasy, but this actually occurs quite often in the real. I even admit to making use of this technique in my radio days for research. I would sometimes "allow" someone I was trying to pump for information to believe I was just an ordinary citizen rather than telling them up front I was a broadcaster. I didn't lie to them. I simply allowed them to believe what they wanted to.

Info-Tech Research analyst Ross Armstrong puts it this way: "The easiest way for a hacker, con artist or private investigator to gain access to confidential information is not through technical means, but rather, by duping employees into divulging password information to systems and customer accounts. This is skilled scamming targeting the weakest link in the system -- people."

So why are we the weakest link in this chain? For starters, ten dollars an hour doesn't do much for your talent-recruiting efforts. It's hard for anyone to stay motivated when they are underpaid and under stress. This "de-motivation" leads to carelessness and muddled thought processes. Add to this a lack of correct training, high turnover due to bad working conditions and priorities which focus on low call times rather than quality of service and you have a front line of workers who operate more as automatons than people who think for themselves.

Armstrong says companies can safeguard against pretexting by educating frontline employees about social engineering tactics, creating a call-back policy whereby customer service representatives call the person back at their registered phone number to verify identity, issuing PIN for customer access to personal records and accounts and making no exceptions to the use of PIN.

Mr. Armstrong is certainly right (although most of us don't want yet another PIN to remember), yet it's not just about training and policy.

It's also about working conditions and motivation. When you immerse employees in systems and procedures which don't require anything more than the ability to read a script from a computer monitor, you guarantee they will not use the most potent tool at anyone's disposal: Common sense.

There is definitely something wrong when it's easier for me to get a stranger's personal phone records than it is to order a pizza with double anchovies.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jim Ducharme

Show Comments

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?