- The FTC Web site provides facts about pretexting
- ID Theft provides information to the consumer about identity theft and how pretexting is used to gain access to personal information
- PI magazine discusses the use of pretexting during the course of an investigation
- Read an article about pretexting, ID theft, and what it means
- Information about H.R. 4709: Telephone Records and Privacy Protection Act of 2006 which outlaws pretexting
- Federal Trade Commissions privacy rules prevent the use of pretexting to gain personal information
- Review the Federal Communication Commission's (FCC) efforts to stop identity theft and prevent pretexting
- The United States House of Representatives provides a video on the hearing conducted to combat pretexting
- Dictionary.com provides definitions for pretexting
- The Electronic Privacy Information Center (EPIC) on preventing pretexting
- The U.S. Department of Justice and some telecommunication carriers protest a bill that would prevent the use of pretexting to gain customers personal information
Advanced Pretexting
Advanced pretexting schemes will often do a background check on the intended victim, gathering any public information that is available in order to make their pretexting scenario sound as credible as possible. For example, a scammer may look up information on family members, employment, phone numbers, and addresses. The pretexting scammer will then call the intended victim or business and use publically available information such as real estate transactions or declaration of bankruptcy in such a manner as to assure the target that they are a credible institution and only need the victim to "fill in blanks." In this way, the pretexting scammer appears to be a concerned employee merely following company protocol in order to help the target or someone close to the target "protect" their information or receive paid-for services.
Serious pretexting scammers could go to such lengths as to imbibe their lies with emotionally charged scenarios, such as making a claim to the target that a family member is in trouble with the law, injured in a hospital, or a similar scenario that will worry the target so much that he or she will forget to be careful about his or her information and give in to the pretexting scammer's demands.
Exceptionally careful scammers will go through multilayered steps to increase the credibility of a pretexting scheme. For example, a scammer with an intended target may first run a pretexting scheme against an lesser institution or business with access to the target's privatized information before contacting a more legitimate target, such as a bank. In this way, the pretexting scammer preys upon junior executives or young account managers with insufficient training, experience, or awareness of security measures in order to extract confidential information that is less damaging in the wrong hands than what the scammer hopes to ultimately retrieve. Using benign information, the scammer then calls up the target and impersonates a "concerned official party", using the confidential information as a cloak to establish credibility for the assumed identity. Once trust is established with the target, the pretexting scammer is able to coax damaging information--such as credit card numbers, social security number, bank account numbers, etc.--from the unsuspecting target.