Pretexting can be used by telephone or email, customer service through instant messaging or a company Web site. A pretexter can use a variety of strategies to obtain personal information. In one scenario, for example, the pretexter could call someone claiming affiliation with a bank or investigation undertaken credit agency. In another scenario, a pretexter could pretend to be a client, a customer or employee of a company to access electronic records or telephone.
After establishing trust with the person targeted, the pretexter might ask a series of questions designed to collect key individual identifiers (such as social security numbers, the maiden name of his mother, the place or date of birth or account numbers), on the pretext of having to confirm their identity or account. A pretexter could also use false identity documents stolen or to extract information directly from the clientele institution.
Pretexting access to financial data has been expressly forbidden by the Gramm-Leach-Bliley Act in 1999. However, private investigators, hackers and data brokers continue to use pretexting to gain access to other kinds of information. The restrictions set by pretexting GLB apply to all organizations that deal with financial data, including banks, brokerage firms, credit unions, preparers of income tax, agency debt recovery, real estate companies and rating agencies. The Act restrictions do not apply to information that enters the public domain that in the public domain, such as the details of real estate transactions, property taxes, bankruptcy or the police.
The distinction between legal and illegal behaviour is particularly vague as regards the telephone, SMS, e-mail and other telecommunications issues such as laws governing the privacy of such information varies from one state to another in the United States and from one country to another, the entire world. The Federal Trade Commission (FTC) tried to bar pretexting of telephone records under section 5 of the FTC Act (which bars "unfair or deceptive acts" in business practices) and has filed several lawsuits against online brokers Data for this purpose. In September 2006, there were two pieces of legislation before the House of Representatives and the Senate that would pretexting telephone records for a criminal offence.
In a recent high-profile case, a firm hired by Hewlett Packard Chairman Patricia Dunn pretexting used to gain access to telephone records HP board of directors. Dunn has hired the law firm to investigate the board members after insider information about HP's long-term strategic plans has appeared on News.com. In California, where the incident occurred, HP shares may be illegal under civil statutes regulating identity theft and the use of computer systems to illegally gather information.
After establishing trust with the person targeted, the pretexter might ask a series of questions designed to collect key individual identifiers (such as social security numbers, the maiden name of his mother, the place or date of birth or account numbers), on the pretext of having to confirm their identity or account. A pretexter could also use false identity documents stolen or to extract information directly from the clientele institution.
Pretexting access to financial data has been expressly forbidden by the Gramm-Leach-Bliley Act in 1999. However, private investigators, hackers and data brokers continue to use pretexting to gain access to other kinds of information. The restrictions set by pretexting GLB apply to all organizations that deal with financial data, including banks, brokerage firms, credit unions, preparers of income tax, agency debt recovery, real estate companies and rating agencies. The Act restrictions do not apply to information that enters the public domain that in the public domain, such as the details of real estate transactions, property taxes, bankruptcy or the police.
The distinction between legal and illegal behaviour is particularly vague as regards the telephone, SMS, e-mail and other telecommunications issues such as laws governing the privacy of such information varies from one state to another in the United States and from one country to another, the entire world. The Federal Trade Commission (FTC) tried to bar pretexting of telephone records under section 5 of the FTC Act (which bars "unfair or deceptive acts" in business practices) and has filed several lawsuits against online brokers Data for this purpose. In September 2006, there were two pieces of legislation before the House of Representatives and the Senate that would pretexting telephone records for a criminal offence.
In a recent high-profile case, a firm hired by Hewlett Packard Chairman Patricia Dunn pretexting used to gain access to telephone records HP board of directors. Dunn has hired the law firm to investigate the board members after insider information about HP's long-term strategic plans has appeared on News.com. In California, where the incident occurred, HP shares may be illegal under civil statutes regulating identity theft and the use of computer systems to illegally gather information.
