I am aware of what I need to do if my phone gets hacked.
Teaching My kids How to Protect Themselves from Pretexting Attacks
Since the end of 2019 and the world is facing a global pandemic which has impacted all kind of businesses and pushed all of us to change business modalities, and the way we communicate, interact and network together.
The recent approaches rely the most on the usage of digital platforms and devices while increasing our availability on the internet, thus increases our exposure to different types of cyber risks, such as social engineering attacks. This requires us to practice better online safety by increasing our vigilance, to better protect ourselves, our families, and our beloved one's information, assets, and reputation.
The threat of social engineering
One of the most popular threats we do face online is a non-technical threat which does not require a highly and professional computing and coding skills but knowledge on how to psychologically manipulate others and trick them into divulging information or taking actions, usually through technology. This technic named “Social Engineering” relays the most on taking the advantage of a potential victim’s natural tendencies and emotional reactions to push them to perform a certain action that allows the social engineer to access the required information and succussed in completing the desired intent. Statistics from Purplesec show that 98% of the cyber-attacks are social engineering attacks as such technic can even trick the most skilled personal IT professionals, so how about our kids and ourselves!
Our kids are considered among the weakest who can be easily tricked and manipulated; thus, they make the ultimate target for social engineers as they can be easily manipulated psychologically and pushed to share information and provide access to sensitive data. Therefore, it is highly required to equip them with the right knowledge and online safety skills to detect, identify, prevent and report such types of attacks and to get away from them without being harmed.
Definition of pretexting
One of the famous social engineering techniques we are going to address in this article is pretexting, what is Pretexting?
Pretexting consists of using a “pretext” to captures someone's attention, by creating scripts and scenarios where the victim feels compelled to comply. Typically, the attacker will impersonate someone in a powerful position or build trust with the victim to persuade him to follow their requests.
In this kind of social engineering attack, a bad actor may impersonate police officers, school colleagues, the friends of our parents, or any other persona they believe will help them get the information they seek.
How can my teen know if he is a victim of pretexting?
Tell your teenager to ask himself the following questions:
- Am I feeling something strange?
- Is the message received came from a legitimate person?
- Does the subject I'm involved in look too good to be true?
- Is it possible to prove the identity of the person I am in contact with?
- Have I been asked to access strange websites or open odd attachments?
How can my teen avoid being a victim of pretexting?
Teach your teen the following tips:
- Do not share personal information and addresses, such as place and date of birth, home, and school address.
- Be very cautious when building online friendships, and avoid building friendships with people you only know online and always be vigilant when building any type of friendships.
- Do not trust strangers.
- Practice analytical thinking and do always assess and calculate the risk of each online activity and engagement you make.
- Do not believe all that you read, or what you hear, attackers can create a ton of scenarios and scripts which look to be real to trick you to help them get what they want.
- Secure your devices and accounts with multi-factor authentication.
- Use a strong complex memorable password and share it only with me.
Social engineering is still considered one of the most successful types of attacks that hackers practice and rely on to get their needs, as by simply creating simple scenarios they can gain the trust of their victims and manipulate them to offer help or even to provide them intentionally with what their needs.
One of the famous examples of pretexting is an attack made by the famous social engineer Kevin Mitnick in 1992 where he decided to steal the source code of Motorola phones, where he was able to achieve his plan by making a couple of phone calls with Motorola's staff members while faking his identity.