Pretexting is used when the criminal wants to access sensitive information from the victim for performing a critical task. The attacker tries to obtain the information through several carefully crafted lies.
The criminal begins by establishing trust with the victim. This may be done by impersonating their friends, colleagues, bank officials, police, or other authorities who may ask for such sensitive information. The attacker asks them a series of questions with the pretext of confirming their identity and gathers personal data in this process.
This method is used to extract all kinds of personal and official details from a person. Such information may include personal addresses, social security numbers, phone numbers, phone records, bank details, staff vacation dates, security information related to businesses, and so on.