Protecting Yourself from Pretexting
With this knowledge of what pretexting is and how it's used, it's time to discuss how to protect yourself. How do you protect yourself from social engineers who create elaborate scenarios, plan each detail, and are driven to steal? What protective measures must you take to keep your information and your valuables?
Like any other defense to social engineering, you must be proactive and not reactive. If you receive an e-mail from someone saying that a maintenance worker will be swinging by, contact the sender's company, not the sender. Give them a ring and verify that they are sending someone. If you're home when they arrive, ask to speak to their supervisor, but don't take their word for it, ask for the company's corporate number and their supervisor's name, so that you can call from your own personal phone. It may seem rude, but if they are a social engineer, your best defense is to punch holes into their fantasy world.
The same applies to websites advertising events and expos. Call the event center and ask about the event; go straight to the source. It should raise red flags in your head when you notice that only cash and PayPal are accepted.
In any event, your best measure of protection is to hit the source of the pretense. If the social engineer is using pretexting, their weakest point is the fact that their source doesn't exist, it's all fabricated.