Introduction
5 billion people send and receive SMS messages every day.
That means that over 62% of the world’s population is texting on a regular basis.
While that comes with convenience (and cyber-risks) of its own, it’s not just texting that you have to worry about…it’s pretexting!
What is Pretexting?
You may already know the word pretext, which is a false excuse made to explain away an action when you don’t want to reveal your true motivations. It means the same thing in cybersecurity!
Pretexting is a deceptive practice where individuals or entities obtain sensitive information from unsuspecting victims by pretending to be someone they are not. This fraudulent tactic is often employed to gain access to personal financial information.
In the realm of financial institutions, pretexting poses a significant threat to customer data security. Whether you work somewhere that handles private monetary data, or you’re a customer frequenting your favorite bank, it’s critical to know about the biggest threats to the finances under your care. Just as you’re taught what to do in a bank robbery, the same applies to digital break-ins!
So how do the cyber-thieves do it?
By impersonating trusted entities like bank representatives, scammers can manipulate individuals into divulging confidential details such as account numbers, Social Security numbers, and passwords. This stolen information can be used for identity theft, fraudulent transactions, and other malicious activities.
Protecting Ourselves from Pretexts
To combat pretexting, financial institutions have implemented robust security measures, including employee training, advanced authentication systems, and data encryption. The evolving nature of these scams, however, necessitates ongoing vigilance and adaptation by both financial institutions and consumers to stay ahead of cybercriminals.
Essentially, pretexting highlights the critical importance of safeguarding customer information and the need for stringent data protection regulations within the financial industry.
For example, take the United States’ Safeguards Rule. This data protection law requires financial institutions to construct a strong cyber-defense system to protect the private information under its care. It also prevents the unauthorized access to mismanagement of your financial data; meaning that when you entrust your money to a bank, they can’t tell random people or even their company partners anything about you.
This protects you from pretexters that approach financial institutions under false pretenses. They can’t come into a bank and empty all your accounts, even if they steal your driver’s license and visually resemble you. There are protections in place like your debit card, PIN and security questions that still set off red alerts if the impersonator can’t provide them.
Wherever you live, you are probably protected by national and local regulations aimed at safeguarding our financial data, and our private information in general!
Conclusion
Pretexting is coming back in style. This year has shown twice the influx of pretexting attacks than last year, and we know that cyberattackers are getting smarter with how they use our social media to learn about our daily habits—which makes us easier targets for scams like pretexting.
When it comes to your digital and financial safety, knowledge is the most powerful tool at your disposal! Implementing multi-factor authentication on your confidential accounts can help keep out cyber-predators, and recognizing the red flags of a scammer (e.g. urgent requests, alarming threats, and strange behavior) can help protect your financial and personal data from cyber-thieves.
If you think you’ve come across a pretext, report the person, number or account immediately! Flagging these messages not only blocks them from interacting with you again, but also notifies the communication platform of their suspicious behavior, which can protect everyone else from their tricks as well.
Just remember, you’re not alone in this fight! Our global laws are also evolving to keep our private data safe.