Word Notes 11.15.22
Ep 125 | 11.15.22

Pretexting (noun)


Rick Howard: The word is: pretexting, as in a subterfuge, in order to conceal a true purpose

Rick Howard: Definition: A social engineering technique in which a threat actor poses as a trusted person or entity in order to trick the victim into disclosing information or performing an action that benefits the attacker. 

Rick Howard: Example sentence: The scammer posed as a charity worker as a pretext to trick the victim into sending money. 

Rick Howard: Origin and context: Pretexting is used in a wide variety of social engineering attacks, including online spearfishing attacks, in-person scams, and physical breaches of company property. According to CrowdStrike, the attacker will present a false scenario -or pretext- to gain the victim's trust and may pretend to be an experienced investor, HR representative, IT specialist, or other seemingly legitimate source.

Rick Howard: This attack is not limited to online, it can take place through other forms of communication, including in person. CSO Online describes an attack in which a threat actor stole nearly $40 million from Ubiquiti Networks by impersonating the company's executives.

Rick Howard: Quote, " The pretext are sent messages to Ubiquiti employees, pretending to be corporate executives and requested millions of dollars be sent to various bank accounts; one of the techniques used was "lookalike URLs"- the scammers had registered a URL that was only one letter different from Ubiquiti's, and sent their emails from that domain" end quote. The Verge reports that in 2020, a 17 year old from Florida used pretexting to hijack 130 high-profile Twitter accounts by posing as an IT department worker and tricking a Twitter employee into granting him access to internal company tools. The perpetrator used this access to Compromise Official Twitter accounts, belonging to Bill Gates, Elon Musk, Kanye West, Kim Kardashian, Joe Biden, Barack Obama, Cash app, Apple, and many more. 

Rick Howard: Nerd reference: In the 2003 movie, The Italian Job starring Edward Norton, Charlize Theron, Mark Wahlberg, and Jason Statham, among many others. Norton Betrays Wahlberg and his professional conman team, after they together stole $35 million worth of gold bullion from an Italian gangsters safe in Venice and leaves them for dead in Italy. Walburg plans a revenge heist against Norton to steal back the gold.

Rick Howard: But he needs to recon Norton's house to find the safe. Wahlberg's team disconnects the house cable TV wires from the grid, and then sends in their newest member of the team Theron, dressed as the cable TV repair person, complete with a video camera behind her name tag. She walks around the house with Norton looking for the TV problem, and then finds the safe in a back closet, and that is in person Pretexting. 

Rick Howard: Word Notes is written by Tim Nodar, executive produced by Peter Kilpe and edited by John Petrik and me, Rick Howard. The mix, sound design, and original music have all been crafted by the ridiculously talented Elliott Peltzman. Thanks for listening. The.