The Art of the Lie.
Pretexting is a social engineering technique where an attacker creates a fabricated scenario (the pretext) to gain a victim's trust and steal information.
The IT Impersonator
"I'm from support, I need your password to fix the server."
The Vendor Survey
"Fill out this survey for a $50 gift card."
The HR Audit
"Update your direct deposit info immediately."
Get Your Personalized Demo
Fill out the form below to see Lora in action.
How Pretexting Works
Defensive boundaries fall when we think we are helping someone do their job. Pretexting exploits our natural desire to be helpful or obedient. The attacker establishes a "pretext"—a reason for the request—that makes the intrusion seem normal.
Building Trust
Attackers may spend time chatting, name-dropping colleagues, or providing "verification" data they found online to establish legitimacy.
The Request
Once trust is built, they ask for the payload: a password, a file, network access, or a payment.
The Escape
They disappear before the victim realizes they've been tricked. Often, the victim never reports it out of embarrassment.
Common Pretexts
- •The "Tech Support" Scam: Claiming to need remote access to fix a virus.
- •The "Executive" Assessment: "I'm doing a secret project for the CEO, I need these files."
- •The "Compliance" Check: "We are auditing healthcare benefits, please confirm your SSN."
Expose the Lie
PhishFirewall trains employees to verify the source. We simulate sophisticated pretexts to teach your team to say "Verify, then Trust."
Build a Skeptical Culture