Glossary
What is pretexting?
Pretexting is a social engineering technique where an attacker invents a believable scenario — a 'pretext' — to win your trust and extract information or access. They might pose as IT support, a supplier, an auditor or a new colleague to make their request seem routine.
How pretexting works
Unlike a smash-and-grab phishing email, pretexting is a setup. The attacker builds a plausible identity and story, often using real details, then asks for something that fits that story — a password reset, a file, a payment, building access.
Pretexting underpins many attacks, from vishing calls to business email compromise, because a good story lowers people's defenses.
Common pretexts
Frequent disguises include IT needing to 'verify' your login, a supplier updating bank details, a delivery driver needing access, or an executive's assistant making an urgent request.
How to prevent pretexting
- Verify identity and authority before acting on any unusual request.
- Follow set processes for payments, access and data — don't make exceptions under pressure.
- Be cautious when someone uses real details to seem trustworthy.
- Encourage a culture where checking and questioning is normal.
How HookPhish helps
HookPhish trains employees to recognize pretexting across email, phone and in person, and to fall back on verification and process rather than trust under pressure.
Frequently asked questions
Is pretexting the same as phishing?+
Pretexting is a social engineering technique — the fabricated story — that often powers phishing, vishing and BEC, but it can also happen in person or by phone.
How do I defend against pretexting?+
Verify identity and authority before acting, follow consistent processes for sensitive requests, and build a culture where questioning is encouraged.
Why is pretexting effective?+
A believable scenario, often backed by real details, lowers people's defenses and makes a malicious request feel routine.
Security training designed for people. Built for enterprise.
Learn how HookPhish can effortlessly transform your security program and reduce your human cyber-risk.
Fill out the form to schedule a 30-minute chat with a product expert. We'll discuss the challenges you want to solve, walk through HookPhish, and answer any questions.
Book a personalized demo
Looking to become a partner? Use this form instead.