While performing external reconnaissance, you telephone several employees of a target company claiming to be a new HR intern who is "verifying the staff directory." You ask for full names, job titles, and internal extension numbers so you can later craft spear-phishing emails. Which social-engineering approach are you using, and why is it especially valuable during the footprinting phase of an engagement?
Phishing; it uses deceptive emails to deliver malicious links that capture user credentials for later exploitation
Pretexting; it leverages a fabricated role to convince targets to release internal contact details critical for mapping the organization
Baiting; it relies on physical media loaded with malware to entice employees into compromising internal systems
Quid pro quo; it offers a benefit in exchange for sensitive information, forcing employees to perform unauthorized actions
The scenario describes pretexting: the caller invents a credible back-story (a new HR intern) to persuade victims to divulge information they normally would not share. Pretexting is particularly useful in footprinting because it elicits organization-specific details-names, roles, phone numbers-without triggering technical defenses. Phishing, baiting, and quid pro quo rely on lures like fraudulent emails, malicious media, or offered assistance; they do not inherently focus on harvesting structural data about the organization via a fabricated identity, which is the goal during early reconnaissance.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is pretexting in social engineering?
Open an interactive chat with Bash
Why is footprinting important in ethical hacking?
Open an interactive chat with Bash
How does pretexting differ from phishing?
Open an interactive chat with Bash
What is pretexting in social engineering?
Open an interactive chat with Bash
Why is footprinting important in ethical hacking?
Open an interactive chat with Bash
How does pretexting differ from phishing?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
Reconnaissance Techniques
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .