7 Tips to Defend Against the Rising Threat of Pretexting
In our constantly evolving world of cybersecurity, new threats emerge while old ones adapt and persist. One such threat that has been gaining traction recently is pretexting, a form of social engineering where attackers create a false narrative to deceive their victims and gain unauthorized access to sensitive information. Pretexting is commonly used in BEC attacks and according to the latest Data Breach Investigations Report (DBIR) by Verizon, pretexting incidents have doubled and now represent over 50% of all social engineering incidents in 2022.
Pretexting often involves a high degree of social engineering skills, where the attacker impersonates a trusted individual or entity to manipulate the victim into divulging confidential information. The goal is to trick the target into providing information or access that the attacker can use for fraudulent or malicious purposes. This could include personal data, bank account details, passwords, or access to a secure network. For example, an attacker might call an employee posing as an IT support person and claim that they need the employee’s login credentials to perform a critical system update. If the employee believes the pretext and provides the information, the attacker can then access the system with the employee’s credentials.
The Verizon DBIR confirms that pretexting incidents were targeted at top-level executives, underscoring the need for organizations to prioritize security awareness training at all levels, especially among the lucrative targets of high-ranking officials. Pretexting can occur via various communication channels, including phone calls, emails, text messages, or even in-person interactions. It’s a significant threat in cybersecurity due to its ability to exploit human vulnerabilities and bypass technical security measures.
Defending against pretexting attacks requires a multi-faceted approach that combines technical measures with user education and awareness. Here are some strategies that an organization can employ:
- Security Awareness Training: This is one of the most effective ways to prevent pretexting attacks. Regular training sessions can help employees understand what pretexting is, how it works, and how to recognize potential attacks. Real-world examples and simulated attacks can be particularly effective in this regard.
- Verification Procedures: Establish strict procedures for verifying identities and requests. This could include multi-factor authentication, follow-up calls, or emails to confirm requests and procedures for reporting suspicious activity.
- Limit Information Sharing: Be cautious about the information that is shared publicly, especially on social media and corporate websites. Attackers often use this information to make their pretexts more believable.
- Email Security Measures: Implement robust email security measures, such as spam filters, phishing detection, and secure email gateways. These can help to filter out many pretexting attempts.
- Regular Audits and Updates: Regularly review and update security policies and procedures to ensure they are effective against the latest threats. This should include regular audits of user access rights and privileges.
- Incident Response Plan: Have a clear incident response plan in place for when a pretexting attack does occur. This should include steps for reporting the incident, containing the threat, and recovering from the attack.
- Zero Trust Security Model: Implement a zero trust security model, where every access request is verified, regardless of where it comes from. This can help to prevent unauthorized access even if an attacker does manage to obtain valid credentials.
The Verizon DBIR and WatchGuard’s cybersecurity report both underscore the reality of current threats and the importance of adopting the latest defense techniques. As cyber threats continue to evolve, so too must corporate defenses. By staying informed about the latest threat trends and implementing robust, multi-layered security measures, organizations can protect their valuable assets and maintain trust with their stakeholders.