Pretexting

Pretexting is a social engineering technique where the attacker creates a fabricated scenario (the pretext) to engage a target and manipulate them into providing information or access. The attacker assumes a false identity or role — IT support, auditor, law enforcement, new employee — and builds a plausible story to justify their request.

Pretexting often precedes other attacks: an attacker might call claiming to be from IT support, establish trust through the pretext, and then ask the target to reveal their password or install software. The more detailed and believable the pretext, the more likely the target is to comply.