Attacks & Threats
Quid Pro Quo Attack
Also known as: Service-for-info scam
Definition
A social-engineering attack in which the attacker offers a service or benefit in exchange for information or access from the victim.
Examples
- An attacker calls random employees offering to "fix slow Wi-Fi" in exchange for their domain credentials.
- A pop-up promises a free gift card if the user submits their corporate email and password.
Related terms
Social Engineering
The psychological manipulation of people into performing actions or disclosing confidential information that benefits an attacker.
Baiting
A social-engineering attack that lures victims with an enticing physical or digital object designed to trigger malware execution or credential theft.
Pretexting
A social-engineering technique in which an attacker invents a believable scenario or identity to manipulate a target into disclosing information or performing an action.
Phishing
A social-engineering attack in which an attacker impersonates a trusted party to trick a victim into revealing credentials, transferring money, or running malware.
Vishing
Phishing conducted over voice channels — phone calls or VoIP — to manipulate victims into revealing credentials, payments, or remote access.
Tech Support Scam
A fraud in which attackers pose as technical support agents from a well-known vendor to convince victims to install remote-access tools, hand over credentials, or pay for fake services.