Pretexting
Pretexting is a technique used by cybercriminals to trick someone into sharing information that they shouldn’t. It starts with the perpetrator creating a false identity or story to gain trust and manipulate the victim into revealing sensitive information or completing a task that could lead to a security breach.
For example, a cybercriminal could pretend to be from the IT department and call an employee to ask for their login credentials. They might say that a technical issue is affecting the company’s email system and that they need the employee’s login details to fix it. The employee, thinking they’re helping the company, could unwittingly give away their login credentials, which the cybercriminal can then use to access sensitive data.
Pretexting is a popular technique because it relies on human error rather than hacking into a system, so it can be harder to detect. It’s important to be cautious when someone asks for confidential information, even if they seem trustworthy, and always verify the request with a trusted source.