A type of fraud that utilizes social engineering. The purpose is to obtain confidential data. Most often, the objective is financial information: online bank account credentials, credit card PIN codes, etc.

Typically, the attacker contacts the victim over the phone, having created a pretext to do so (hence the name). Using various psychological techniques, the scammer tries to coax or alarm the victim into revealing the information required.

Pretexting is often preceded by research on the part of the cybercriminal. For example, they might find out the maiden name of the victim’s mother, the name of their pet, or other personal information.