In a pretexting or impersonation attack, attackers create a fake identity and use it to manipulate their victims into providing private information. For example, attackers may pretend to be an external IT service provider, and request user’s account details and passwords to assist them with a problem. Or they might pretend to be the victim’s financial institution, asking them for confirmation of their bank account number or bank website credentials.
