- Security
- Privacy
- Performance
Pretexting scams are clever schemes that use fabricated stories to trick you into giving up sensitive information or cash. Find out how pretexting works, recognize the warning signs, and learn how to protect yourself. Then, get an AI-powered security app for added protection against scams, malware, and other online threats.
Pretexting is a type of social engineering scam where fraudsters invent believable stories and scenarios — or “pretexts” — to manipulate victims into revealing personal information, granting access to accounts, or sending money. These scams rely on emotional triggers and carefully crafted lies to build trust and exploit the victim’s willingness to help.
A scammer uses the pretext of a sick friend in need to manipulate their victim.
Pretexting works by gaining the victim’s trust through a convincing backstory. Scammers often send messages posing as a friend, family member, company representative, or authority figure to make their request seem legitimate. The ultimate goal of these pretenses is usually to extract sensitive information or money.
Most pretext scams follow a similar pattern:
Research: Scammers typically gather personal details about the target, such as job info, family ties, or online activity. Note that some may skip this step, opting for a general, one-size-fits-all pretext.
Building trust: They begin communicating with the victim, posing as someone familiar or authoritative to establish credibility.
The pretext: A believable, urgent scenario is concocted, prompting the victim to act quickly without thinking.
Extraction: The victim falls for the pretext and gives the scammer the sensitive details or money that they were after.
Exploitation: The scammer uses stolen information to commit fraud or identity theft.
Trust is key in pretexting, so scammers often target vulnerable individuals, like the elderly or socially isolated, who may be more inclined to believe the fabricated scenario. What sets pretexting apart from hacking or data breaches is its reliance on psychological manipulation and detailed, believable stories to coax information directly from the victim.
There are several red flags that someone is attempting to manipulate your trust that can help you identify a pretext scam. These include urgency, unusual or suspicious requests, and odd communication patterns.
Here are the signs of a potential pretext attack to look out for:
Urgent language: Scammers create a sense of urgency to pressure you into quick action, using words like “now,” “immediately,” or “right away.” If you try to delay, they may become increasingly insistent.
Overly familiar language: Pretexters often act like they’re already your friend or someone you know, using phrases like “Hey, can you do me a favor?” to make their request seem natural.
Suspicious requests: Be cautious of any message that asks for sensitive information, a download, or a financial transaction — even if the rest of the message seems normal.
False contact details: Some scammers use spoofing techniques to mimic legitimate websites, emails, or phone numbers. Always check for discrepancies in URLs, email addresses, or phone numbers.
Strange communication patterns: When challenged, scammers may change the subject, ignore your questions, or provide vague, scripted excuses.
While legitimate messages can sometimes include these elements too, always verify senders’ identities before taking any action. If in doubt, pause and investigate further.
There are many pretext attack tactics scammers can use, including posing as tech support, offering fake gifts, or sending phishing links. They often combine these methods, depending on their target and what they’re trying to steal.
One of the most common tactics in the pretexting playbook is impersonation, where scammers pretend to be a friend, family member, or representative from a trusted company. For example, in tech support scams, they pose as employees of Microsoft or Apple on the pretext of “fixing” your device. In a USPS text scam, they impersonate a delivery worker claiming there’s an issue with your package.
To make their act more believable, scammers may spoof phone numbers or email addresses to match the person or organization they’re pretending to be.
A pretext scammer impersonating Microsoft.
Tailgating in pretexting scams involves physically following a target into a secure area by blending in and appearing legitimate — all without raising alarms. Once inside, the attacker can exploit the environment to find sensitive data or access restricted systems, relying on the illusion of belonging to avoid detection.
Piggybacking takes pretexting a step further: the attacker doesn’t just sneak in but actively manipulates their way in by posing as someone trustworthy. They might pretend to be a delivery driver, maintenance worker, or even a colleague with a plausible story, tricking the target into granting them direct access and bypassing normal security measures.
Pretext scammers can take advantage of helpful people to gain access to secure areas.
Baiting is when scammers lure victims into downloading malware under false pretenses, like a “lost” USB drive disguised as a legitimate company’s product or an online ad for free game or movie downloads. This technique can also involve the promise of fake rewards, such as vouchers, refunds, or cash prizes, to coax personal details from victims. Instead, victims are left exposed to theft and fraud.
Phishing occurs when a scammer attempts to trick a victim into revealing sensitive information or clicking a link loaded with malware. These attacks often involve pretexting scenarios designed to gain the victim’s trust and manipulate them. In some cases, pretext phishing may involve building a relationship through multiple messages before the actual scam is attempted.
Spear phishing, a subset of phishing, always involves pretexting. It targets a specific individual and tailors the messages to their life, incorporating details about the people they know. This highly targeted, personalized approach can convince the victim to hand over personal information or click on a malicious link.
For instance, a scammer might pretend to be your employer and initiate a conversation that seems legitimate. After a few seemingly innocent exchanges, you might receive a message containing a malicious link disguised as a work document that needs urgent review.
An example of a phishing scam using the pretext of signing a fake employment document.
Vishing, or voice phishing, involves the use of phone calls or voice messages to trick someone into handing over sensitive information. For example, a scammer may call up a victim under the pretext of being from the Social Security Administration. They may use a spoofed number to attempt to get them to disclose their Social Security number, which can then be used to commit identity theft.
Smishing is similar but uses SMS text messages as the method of communication. For example, a scammer impersonating the IRS may send a text relating to a fake tax refund.
Scareware uses alarming messages to deceive victims into downloading malicious software. It preys on fear and panic, prompting victims to act without thinking. Typically, scareware appears as pop-up warnings that threaten catastrophic consequences if the user doesn’t install a fake antivirus or security tool.
A scareware virus alert on a computer.
Scareware can also take other forms, such as fake messages from authorities that threaten prosecution unless a “fine” or “back taxes” are sent, or a fake ransomware warning that demands payment to unlock certain files.
Whaling is a type of phishing attack where scammers impersonate high-profile individuals to manipulate victims. While some attacks feature impersonations of celebrities or prominent business figures, the most common scenario involves a scammer posing as a CEO or other senior executive within the victim’s workplace.
In many cases, the ultimate goal isn’t to target the employee personally but to use them as a gateway to access broader company resources. However, some whaling attacks do exploit high-profile individuals purely for their personal assets, without any further intent to compromise the company.
There are numerous pretexts that scammers employ, from romantic relationships to requests for charitable donations. While pretexts vary dramatically in scope and context, they all have the same goal: to trick the victim into giving them money or information.
Here are some examples of different types of pretexts used by scammers:
Romance scams: Scammers pretend to be in a romantic relationship with the victim, often targeting lonely or vulnerable individuals. They may pose as a wealthy individual seeking someone to spoil and, after gaining the victim’s trust, request money or personal information as proof of loyalty. This is commonly referred to as a sugar daddy scam.
Family emergency scams: Scammers exploit the elderly by impersonating a grandchild or another family member in need. Using urgent language and emotional manipulation, they pressure the victim to act quickly, often invoking guilt if the victim hesitates to help.
Prize scams: These scams promise the victim a prize, like a gift card, luxury item, vacation, or other enticing reward, to capture their attention. To claim the prize, the victim must provide personal information or pay a fee, which the scammer then uses to their advantage.
Cash app and payment platform scams: Using platforms like Venmo, PayPal, and Cash App, scammers establish a direct line to the victim’s money. One common tactic is the fake #CashAppFriday promotion, where victims are told they’ve won and must pay a fee to claim the prize.
Charity scams: Here, scammers pose as legitimate charities to solicit donations. They might tailor the fake charity to match the victim’s interests, such as pretending to represent animal welfare or environmental groups like Save the Whales or Greenpeace. The donation link is fraudulent, and any money sent goes directly to the scammer.
Here are some specific examples of real-life pretexting scams that have leveraged current events or exploited vulnerabilities to target large numbers of victims:
War charities: Scammers often exploit real-world tragedies to deceive people. For instance, since the onset of the full-scale Russia-Ukraine war in 2022, numerous fake charities have emerged, claiming to support humanitarian causes in Ukraine. Similarly, charity scams have targeted those wishing to help with aid relief efforts in Gaza, tricking generous individuals into donating to fraudulent causes.
Tech layoffs: In the aftermath of widespread layoffs in the U.S. tech industry in 2023, impacting employees at Amazon, Google, and Microsoft, scammers posed as recruiters on platforms like LinkedIn. They used genuine job postings to create realistic fake listings and career portals, collecting sensitive information from hopeful job seekers.
AIDS Trojan: One of the earliest large-scale pretexting scams dates back to 1989, when Dr. Joseph L. Popp mailed infected floppy disks to attendees of an international AIDS conference. The disks, labeled “AIDS Information Introductory Diskette,” contained malware that held victims’ data hostage and demanded a ransom payment.
Celebrity romance scams: Some romance scammers have turned to deepfake technology to enable more sophisticated and convincing impersonations. A striking example involves a woman in France who was defrauded of over $800,000 by a scammer posing as Brad Pitt.
You can help protect yourself from pretexting scams by educating yourself on the threat, staying alert, verifying senders, and reporting suspicious activity to the proper authorities.
Here are more ways to guard against pretexting scams:
Look for warning signs: Be wary of messages that seem urgent, arrive unexpectedly, or contain red flags like unusual replies or suspicious requests.
Avoid sharing sensitive information: Don’t click on links or provide personal details unless you’re certain you’re dealing with a legitimate source.
Verify the sender: If you suspect you’re talking to an impostor, reach out to the supposed sender or organization through a known, trusted channel to confirm whether the request is genuine.
Report suspicious behavior: If you think you’ve been targeted by a pretexting scam, report it immediately to your workplace’s management and IT department. You should also contact your local authorities and, if you’re in the U.S., the FTC.
Stay aware of your surroundings: To prevent tailgating attacks, remain vigilant as you enter secured areas, like office buildings or apartment complexes. Always follow your workplace’s security policies and procedures.
Pretexting scams thrive on deception, but you don’t have to face them alone. Avast Free Antivirus leverages advanced AI-powered technology to detect attempted scams and malicious links in real time. Plus, it includes robust anti-malware protection that blocks harmful downloads and helps keep hackers at bay. Don’t let scammers get the last word — get award-winning protection today.
