HomeVulnerabilityWhat's pretexting? Definition, examples, and assaults

What’s pretexting? Definition, examples, and assaults

Pretexters usually tend to goal firms than people, as a result of firms typically have bigger financial institution accounts. It’s onerous to seek out particulars of profitable assaults, as firms aren’t more likely to admit they’ve been scammed. VTRAC’s Chris Tappin and Simon Ezard, writing for CSO Australia, describe a pretexting method they name the Spiked Punch, during which the scammers impersonate a vendor that an organization sends funds to commonly. Utilizing info gleaned from public sources and social media profiles, they will persuade accounts payable personnel on the goal firm to alter the checking account info for distributors of their recordsdata, and handle to snag fairly a bit of money earlier than anybody realizes.

In one other instance, Ubiquiti Networks, a producer of networking tools, misplaced practically $40 million {dollars} as a consequence of an impersonation rip-off. The pretexters despatched messages to Ubiquiti workers pretending to be company executives and requested hundreds of thousands of {dollars} be despatched to varied financial institution accounts; one of many methods used was “lookalike URLs” — the scammers had registered a URL that was just one letter completely different from Ubiquiti’s and despatched their emails from that area.

See also  Counting the price of CrowdStrike: the bug that bit billions

Pretexting and phishing

Spoofing an e mail tackle is a key a part of phishing, and plenty of phishing makes an attempt are constructed round pretexting situations; as an example, an attacker might e mail an HR rep with connected malware designed appear to be a job-seeker’s resume. The focused number of phishing, often known as spear phishing, which goals to snare a selected high-value sufferer, typically results in a pretexting assault, during which a high-level government is tricked into believing that they’re speaking with another person within the firm or at a associate firm, with the last word aim being to persuade the sufferer to make a big switch of cash. (Deepfakes are beginning to be seen used on this capability.)

- Advertisment -spot_img
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular