Pretexting
What is Pretexting?
Pretexting: A social-engineering technique in which an attacker invents a believable scenario or identity to manipulate a target into disclosing information or performing an action.
Pretexting is the foundation of many social-engineering attacks. The attacker researches the victim, then crafts a credible story — posing as an auditor, IT engineer, recruiter, courier, or executive — to justify the request being made. Unlike opportunistic phishing, pretexting is often targeted and uses real names, internal jargon, or org-chart knowledge gathered from LinkedIn, leaks, or open-source intelligence. The pretext lowers the victim's defences and provides cover for unusual requests such as password resets, wire transfers, or building access. Defences include callback verification using trusted contact lists, dual approval for high-impact actions, awareness training, and limiting publicly exposed organizational information.
● Examples
1. A caller claiming to be from "IT support" asks an employee for their MFA code to "verify" a security alert.
2. An attacker pretending to be a vendor requests updated payment details from accounts payable.
● Frequently asked questions
What is Pretexting?
A social-engineering technique in which an attacker invents a believable scenario or identity to manipulate a target into disclosing information or performing an action. It belongs to the Attacks & Threats category of cybersecurity.
What does Pretexting mean?
A social-engineering technique in which an attacker invents a believable scenario or identity to manipulate a target into disclosing information or performing an action.
How do you defend against Pretexting?
Defences for Pretexting typically combine technical controls (dual approval for high-impact actions such as wire transfers or password resets, and limiting publicly exposed organizational information) with operational practices (callback verification using trusted contact lists and awareness training), as detailed in the full definition above.
What are other names for Pretexting?
Common alternative names include: Impersonation scam.