ELI5: What is Pretexting?
A pretexting attack is when someone makes up a convincing story to trick you — like calling and saying “Hi, I’m from the IT department, I need your password to fix your computer.” The whole story is fake, but it sounds believable.
Definition
Pretexting is a social engineering technique in which an attacker creates a fabricated scenario (a pretext) to manipulate a target into providing information, access, or performing actions they otherwise would not. The attacker invents a plausible identity or situation—impersonating IT support, a vendor, a bank representative, or an auditor—to establish credibility before making their actual request.
Key Details
- Distinguished from phishing by being more targeted and personalized; a convincing pretext requires prior research about the target (their role, colleagues, vendors, and internal processes).
- Common personas: IT helpdesk (“I need to reset your password”), bank fraud department (“We detected suspicious activity”), auditor (“I need to verify your access for compliance”).
- The “I’m from IT” attack: the attacker calls a user claiming to need remote access to fix a problem, then harvests credentials or has the user install remote access tools.
- Verification procedures are key defenses: always verify a caller’s identity through an independent, official channel that the caller did not supply (for example, hanging up and calling back on a number you already have on file) before providing access or information.
- Combines with other techniques: pretexting provides context for why the victim should comply with a phishing, vishing, or baiting attack.
Connections
- Parent: social-engineering — a foundational social engineering technique
- See also: phishing, vishing