Phishing and pretexting take place by email or telephone. A phony story is concocted in order to persuade you to hand over your personal details. This can be anything from a fake alert from your bank to an urgent call about an injured loved one. The bottom line is, you will be asked to provide a credit card or Social Security number or bank account information.
Pretexting calls can be live or recorded. Callers claim to be from research companies, financial institutions, or other legitimate organizations and request your personal information or a call back. They may claim that there is an “urgent” need for you to call immediately. They may even tell you that you have won a prize of some kind in order to entice you into revealing personal details.
Phishing emails are more sophisticated. They usually contain a link to a fake web site or an attachment that you are asked to view. The fake web site will ask you to enter personal information. The attachment will launch a Trojan horse or spyware program on your computer system. These programs are designed to retrieve stored passwords and account numbers. They can also detect if you access a bank’s web site and replicate the site in order to capture the information you enter.
Spear phishing is a highly targeted form of phishing that customizes or personalizes emails to a degree that they are almost indistinguishable from the real thing. Spear phishers target specific segments of people, for example, everyone who works at a certain company or members of an online community. These emails often address the recipients by name and look like they came from the person in the next cubicle.