05
Sat, Oct
2 New Articles

A Pretext for Deceit

Commentary
Typography
  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

This week's tirade stretches the rule about the pieces of nonsense that I write for this space having to be at least vaguely technology-related, but I was alerted to the subject by an item in a compendium of technology stories that, at my request, The Washington Post emails me daily. If The Washington Post considers it to be a technology story, that's good enough for me. In case it's not good enough for you, allow me to point out that, despite the fact that the activity I'm about to discuss doesn't necessarily require technology, the instance of it that I reference involves the telephone, which, of course, is a technology. Furthermore, the reason the practice is now in the news is that it was recently undertaken by an enterprise that is most definitely a technology company. For good measure, in order to bolster the technology context, I'll also include a paragraph that refers to an existing e-mail and Web issue. Thus, I do think that, if I have to, I can corroborate this column's technology-related credentials.

Now that I've thrown in enough words of mindless preamble to make absolutely certain that, after any edits, I will still have spewed out the maximum word count that MC Press will pay me for, let's get started.

This week, I'm going to talk about the "business" practice referred to as pretexting. In case you're not familiar with this term—if you're not, don't feel bad because it's a coined word (not coined by me) that you won't find in most dictionaries—I'll explain it. Pretexting has absolutely nothing to do with preparations taken before sending a text message. Nor does it refer to the period of human history before the dawn of text messaging. Instead, it's the practice of using a pretext to extract information from someone when they would likely not have given you that information if you told the truth. Many people would say it's the practice of using a "false pretext," but that would be redundant because the dictionary definition of "pretext" is a misleading or untrue reason given for something. And redundancy is a waste of time as it makes you spend time without gaining any value from its expenditure.

To illustrate pretexting, a September 9, 2006, Washington Post article used an example of a hypothetical company that gathers data by claiming to be a reputable research firm when, in fact, it's not. The article didn't suggest what purposes other than valid, anonymous research that the company might use that information for, but, on a personal rather than a corporate level, think in terms of the caller selling your personal data for big bucks to a whole mess of scum-like companies that will then annoy the hell out of you with a deluge of telemarketing calls, junk mail, and, if they can get your e-mail address, spam for the rest of your life and for the rest of your heirs' lives and their heirs' lives thereafter. Your third-generation heirs are probably safe, but I make no promises in that regard. On a corporate level, think of industrial espionage or the raiding of companies to try to hire away employees.

This is an old practice. Because you can do pretexting in person without any modern technology, I'd venture a guess that, while it may not be the world's oldest profession (wink, wink, nudge, nudge), it probably ranks right up there. Pretexting gained media prominence recently because investigators hired by Hewlett-Packard were caught doing it in order to attempt to find out who at HP leaked confidential corporate information to the media. The investigators obtained personal information, including Social Security Numbers, of various journalists and HP directors. The investigators used that information to trick phone companies into turning over the cell and home phone records of the people under investigation.

Despite the fact that this pretexting exercise was instigated as a result of the unauthorized disclosure of confidential corporate information by an insider—an activity that was, at best, likely unscrupulous and, at worst, possibly illegal—there are many people, myself included, who think that the pretexting was itself at least unethical, if not unlawful. Using a pretext, without any prior reference to a court, to spy on a bunch of people, most of whom are innocent, sounds very much like dirty pool to me.

As I mentioned, the practice of pretexting is not new. The term isn't new either, at least not here in Canada, but I can't speak for the rest of the world. About 20 years ago, I worked with a couple of former IT headhunters. One of them, who quit headhunting because she was uncomfortable with the lies she was expected to tell, told me about the pretexting that headhunting firms undertake in order to get the names and contact information of employees at targeted companies. Back then, headhunters in Canada and, although I can't say for sure, probably elsewhere, were already referring to it as pretexting.

Why anyone ever had to invent a word like pretexting is beyond me. There is already a perfectly good word that covers it: lying. If you are pretexting, you are deliberately saying something that is untrue. I checked the dictionary. That pretty much exactly matches the definition of lying.

The invention of the term "pretexting" is all part of the great human endeavor to soften uncomfortable things by couching them in manufactured, comfy language. It's like the word "downsizing," which is salve for the consciences of the downsizers but does little to help the downsized. When "downsizing" lost its comforting abilities through overuse, someone came up with the word "rightsizing."

A word to the downsizers and rightsizers: You're not downsizing or rightsizing. You're firing people. Many of those people are hard workers with strong work ethics. You're doing it because you think your business will be more profitable without those people than with them. I'm not opposed to that practice as long as the fired workers are treated as fairly as possible when dismissed. As they say, the business of business is business. Employment is not charity. All I'm saying is that if you're going to do it, have the guts to call it what it is: firing. And if you're going to make up some false story to get information that you would not otherwise get, have the guts to call that what it is too: lying, not pretexting.

The Washington Post article said that the laws concerning pretexting are, to use its term, fuzzy. A U.S. law already prohibits using false information to get financial data from individuals or corporations, but the legality of doing it to gather something other than financial data is a grey area. According to the article, Congress recently stiffened the penalties for using pretexting to access phone records, and some states are considering measures against pretexting as well.

Um, excuse me? I have no legal training, so I'm probably missing something, but aren't there already laws that prevent this practice? A pretexter tells lies in order to gain something of value. Clearly, the pretexter considers the data to be of value because otherwise he or she wouldn't go to the bother of trying to get it. Equally clearly, pretexters must think that the victims of pretexting believe that the nondisclosure of the information holds some value for themselves; otherwise, it wouldn't be necessary to use pretexting to obtain it. Let's sum this up. A pretexter lies in order to gain something of value from someone who wouldn't have given it to the pretexter if the truth had been told. Would someone please explain to me how that differs from fraud?

This has implications beyond the telephone pretexting discussed in the article. (I promised to relate it to email and the Web. This being the final paragraph, it's my last opportunity to keep my promise and avoid being accused of using a pretext to get you to read this column.) Phishing uses emails and Web sites that pretend to be something they're not—namely, the product of reputable, well-known companies—to gain information from you that you would otherwise not provide. If pretexting is legal, why shouldn't phishing be legal? Or, at the risk of being redundant again, if pretexting is legal, why shouldn't fraud be legal? As I said, I have no legal training, but my understanding is that fraud is not legal. Am I wrong about that?

Joel Klebanoff is a consultant, a writer, and president of Klebanoff Associates, Inc., a Toronto, Canada-based marketing communications firm. He is also the author of BYTE-ing Satire, a compilation of a year's worth of his columns. Joel has 25 years experience working in IT, first as a programmer/analyst and then as a marketer. He holds a Bachelor of Science in computer science and an MBA, both from the University of Toronto. Contact Joel at This email address is being protected from spambots. You need JavaScript enabled to view it.. Despite being designed to attempt to gain the benefits of potential customers for his marketing communications practice and potential buyers of his book, all of the information in this biographical paragraph is true. Honest.

Joel Klebanoff

Joel Klebanoff is a consultant, writer, and formerly president of Klebanoff Associates, Inc., a Toronto-based marketing communications firm. He has 30 years' experience in various IT capacities and now specializes in writing articles, white papers, and case studies for IT vendors and publications across North America. Joel is also the author of BYTE-ing Satire, a compilation of a year's worth of his columns. He holds a BS in computer science and an MBA, both from the University of Toronto.


MC Press books written by Joel Klebanoff available now on the MC Press Bookstore.

BYTE-ing Satire BYTE-ing Satire
Find out the hilarious answer to the eternal question: "Is technology more hindrance than help?"
List Price $14.95

Now On Sale

BLOG COMMENTS POWERED BY DISQUS

LATEST COMMENTS

Support MC Press Online

$

Book Reviews

Resource Center

  • SB Profound WC 5536 Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application. You can find Part 1 here. In Part 2 of our free Node.js Webinar Series, Brian May teaches you the different tooling options available for writing code, debugging, and using Git for version control. Brian will briefly discuss the different tools available, and demonstrate his preferred setup for Node development on IBM i or any platform. Attend this webinar to learn:

  • SB Profound WP 5539More than ever, there is a demand for IT to deliver innovation. Your IBM i has been an essential part of your business operations for years. However, your organization may struggle to maintain the current system and implement new projects. The thousands of customers we've worked with and surveyed state that expectations regarding the digital footprint and vision of the company are not aligned with the current IT environment.

  • SB HelpSystems ROBOT Generic IBM announced the E1080 servers using the latest Power10 processor in September 2021. The most powerful processor from IBM to date, Power10 is designed to handle the demands of doing business in today’s high-tech atmosphere, including running cloud applications, supporting big data, and managing AI workloads. But what does Power10 mean for your data center? In this recorded webinar, IBMers Dan Sundt and Dylan Boday join IBM Power Champion Tom Huntington for a discussion on why Power10 technology is the right strategic investment if you run IBM i, AIX, or Linux. In this action-packed hour, Tom will share trends from the IBM i and AIX user communities while Dan and Dylan dive into the tech specs for key hardware, including:

  • Magic MarkTRY the one package that solves all your document design and printing challenges on all your platforms. Produce bar code labels, electronic forms, ad hoc reports, and RFID tags – without programming! MarkMagic is the only document design and print solution that combines report writing, WYSIWYG label and forms design, and conditional printing in one integrated product. Make sure your data survives when catastrophe hits. Request your trial now!  Request Now.

  • SB HelpSystems ROBOT GenericForms of ransomware has been around for over 30 years, and with more and more organizations suffering attacks each year, it continues to endure. What has made ransomware such a durable threat and what is the best way to combat it? In order to prevent ransomware, organizations must first understand how it works.

  • SB HelpSystems ROBOT GenericIT security is a top priority for businesses around the world, but most IBM i pros don’t know where to begin—and most cybersecurity experts don’t know IBM i. In this session, Robin Tatam explores the business impact of lax IBM i security, the top vulnerabilities putting IBM i at risk, and the steps you can take to protect your organization. If you’re looking to avoid unexpected downtime or corrupted data, you don’t want to miss this session.

  • SB HelpSystems ROBOT GenericCan you trust all of your users all of the time? A typical end user receives 16 malicious emails each month, but only 17 percent of these phishing campaigns are reported to IT. Once an attack is underway, most organizations won’t discover the breach until six months later. A staggering amount of damage can occur in that time. Despite these risks, 93 percent of organizations are leaving their IBM i systems vulnerable to cybercrime. In this on-demand webinar, IBM i security experts Robin Tatam and Sandi Moore will reveal:

  • FORTRA Disaster protection is vital to every business. Yet, it often consists of patched together procedures that are prone to error. From automatic backups to data encryption to media management, Robot automates the routine (yet often complex) tasks of iSeries backup and recovery, saving you time and money and making the process safer and more reliable. Automate your backups with the Robot Backup and Recovery Solution. Key features include:

  • FORTRAManaging messages on your IBM i can be more than a full-time job if you have to do it manually. Messages need a response and resources must be monitored—often over multiple systems and across platforms. How can you be sure you won’t miss important system events? Automate your message center with the Robot Message Management Solution. Key features include:

  • FORTRAThe thought of printing, distributing, and storing iSeries reports manually may reduce you to tears. Paper and labor costs associated with report generation can spiral out of control. Mountains of paper threaten to swamp your files. Robot automates report bursting, distribution, bundling, and archiving, and offers secure, selective online report viewing. Manage your reports with the Robot Report Management Solution. Key features include:

  • FORTRAFor over 30 years, Robot has been a leader in systems management for IBM i. With batch job creation and scheduling at its core, the Robot Job Scheduling Solution reduces the opportunity for human error and helps you maintain service levels, automating even the biggest, most complex runbooks. Manage your job schedule with the Robot Job Scheduling Solution. Key features include:

  • LANSA Business users want new applications now. Market and regulatory pressures require faster application updates and delivery into production. Your IBM i developers may be approaching retirement, and you see no sure way to fill their positions with experienced developers. In addition, you may be caught between maintaining your existing applications and the uncertainty of moving to something new.

  • LANSAWhen it comes to creating your business applications, there are hundreds of coding platforms and programming languages to choose from. These options range from very complex traditional programming languages to Low-Code platforms where sometimes no traditional coding experience is needed. Download our whitepaper, The Power of Writing Code in a Low-Code Solution, and:

  • LANSASupply Chain is becoming increasingly complex and unpredictable. From raw materials for manufacturing to food supply chains, the journey from source to production to delivery to consumers is marred with inefficiencies, manual processes, shortages, recalls, counterfeits, and scandals. In this webinar, we discuss how:

  • The MC Resource Centers bring you the widest selection of white papers, trial software, and on-demand webcasts for you to choose from. >> Review the list of White Papers, Trial Software or On-Demand Webcast at the MC Press Resource Center. >> Add the items to yru Cart and complet he checkout process and submit

  • Profound Logic Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application.

  • SB Profound WC 5536Join us for this hour-long webcast that will explore:

  • Fortra IT managers hoping to find new IBM i talent are discovering that the pool of experienced RPG programmers and operators or administrators with intimate knowledge of the operating system and the applications that run on it is small. This begs the question: How will you manage the platform that supports such a big part of your business? This guide offers strategies and software suggestions to help you plan IT staffing and resources and smooth the transition after your AS/400 talent retires. Read on to learn: