Pretexting: fraud by any other name

It's a common myth that celebrated criminal hacker Kevin Mitnick was a wiz at 1s and 0s computer hacking; in fact, most of his attacks occurred over the phone, by creating or impersonating people who worked at a targeted company, then finagling the required information out of employees who were only too eager to help out. The social engineering technique is more commonly known as pretexting.

In a breaking story, pretexters allegedly obtained the home phone records of reporters from CNET, the New York Times, and the Wall Street Journal in an attempt to discover who from HP had leaked insider information to those publications. But there have been other high-profile examples, as well. According to the Federal Trade Commission, pretexting is against the law and can, and often does, lead to identity theft. Unfortunately, there's little you can do about it. Security Watch: Pretexting - CNET reviews

Linked by shanmuga Saturday, 16th September 2006 8:06AM