Pretexting – The Good, Bad and Ugly

In recent days pretexting has become a mainstream term in newspapers and blogs around the world. Admittedly pretexting is a term that most people are not familiar with and most are shocked when they learn what it is. Pretexting is pretending to be someone else and obtaining personal information about that person under the pretext of being them. What most people don’t realize is how easy it is to get a hold of information like phone records with a person’s phone number and last four digits of their social security number.

The reason pretexting has been in the news so often lately is that Hewlett Packard used this technique to obtain phone records of journalists and board members in an effort to determine the source of leaks of confidential information to the press.

You may recall that Carly Fiorina had dealt with the problems of leaks to the press years ago and obviously things haven’t changed at HP and leaks continue to plague management.

In order to get to the bottom of the leaks HP Chairwoman Patricia Dunn ordered an investigation into the leaks and in doing so hired at least one outside firm to find out who was responsible letting confidential information out. In doing so the investigators obtained telephone records from reporters as well as board members who were suspected of being the source of the leaks.

On the one hand Dunn needed to do something about the problem and protecting the confidential information being leaked is exactly what shareholders expect her to do. On the other hand she may have broken the law when getting this information. Truth be told, Dunn has publicly stated that she is surprised that pretexting was used to obtain information and she has further said that the tactics were appalling.

So it is unclear if she knew what techniques the investigators were using to determine the source of the leaks. What is clear is that for the past few days there has been a firestorm over this issue including calls for Dunn’s resignation.

This puts Dunn in an interesting position as she may have done what was absolutely necessary to protect HP investors but in doing so many have broken a law or two or three…

Of course all of this publicity brought out lots of public officials who smelled blood.

In fact HP said Monday it has been "informally contacted" by the U.S. Attorney’s Office concerning a company investigation into press leaks of confidential information.

The company said in a Securities and Exchange Commission filing that it is cooperating fully with the inquiry by the U.S. Attorney’s Office for the Northern District of California, along with an investigation by the California State Attorney General’s office, which requested similar information.

The question is who is going to be punished if anyone. Will it be HP, Dunn, the hired investigators or will everyone get in trouble in some way.

This leads us to the phone companies and credit card companies and other organizations who make “confidential information” so accessible to the general public. Technology exists today that will minimize the ability for people to use pretexting as a way to obtain personal information.

This incident may be exactly what is needed to get everyone around the world to wake up and tighten up their security. After all no matter how diligent customers are with protecting and shredding their data, a slew of organizations can give your most confidential information out to virtually anyone with a few tidbits of information about you.

Perhaps this is exactly the call to action the world needs. Will this be the straw that breaks the camel’s back? I suspect it just may be and we can expect politicians to jump all over this issue and not let it go until there are much harsher penalties in store for people who engage is such deceitful activities.

After 100 years of communications the PSTN seems to be dying as the world migrates to IP communications. In the process concepts like Pretexting need to be guarded against even more vigilantly in the new interconnected IP telephony world. The world’s premiere destination for learning about IP Communications remains Internet Telephony Conference & Expo next month in San Diego, California where you will learn about everything from IMS to IPTV and every other facet of the world of IP communications.

    Leave Your Comment


     

    Loading
    Share via
    Copy link
    Powered by Social Snap