An attacker engages in pretexting behavior to solicit information from
						target persons, or manipulate the target into performing some action that
						serves the attacker's interests. During a pretexting attack the attacker
						creates an invented scenario, assuming an identity or role to persuade a
						targeted victim to release information or perform some action. It is more
						than just creating a lie, in some cases it can be creating a whole new
						identity and then using that identity to manipulate the receipt of
						information. Pretexting can also be used to impersonate people in certain
						jobs and roles that they never themselves have done. Basic pretexting
						attacks may simply seek to learn information about a target, but more
						complicated pretexting attacks seek to solicit a target to perform some
						action that assists the attacker in exploiting organizational weaknesses or
						obtaining access to secure facilities or systems. One example of a
						pretexting attack could be to dress up like a jogger and run in place by the
						entrance of a building, pretending to look for your access card. Because the
						hood obscures you face, it may be possible to solicit someone inside the
						building to let you inside. Pretexting is also not a one-size fits all
						solution. A social engineering attacker will have to develop many different
						pretexts over their career. All of them will have one thing in common,
						research. Good information gather techniques can make or break a good
						pretext. Being able to mimic the perfect tech support rep is useless if the
						target does not use outside support. Pretexting is also used in other areas
						of life other than social engineering. Sales, public speaking, so-called
						fortune tellers, NLP experts and even doctors, lawyers, therapists and the
						like all have to use a form of pretexting. They all have to create a
						scenario where a person is comfortable with releasing information they
						normally would not. One of the most important aspects of social engineering
						is trust. If the attacker cannot build trust they will most likely fail. A
						solid pretext is an essential part of building trust. If an attacker's
						alias, story, or identity has holes or lacks credibility or even the
						perception of credibility the target will most likely catch on. Similar to
						inserting the proper key in a lock, the right pretext provides the proper
						cues to those around the attacker and can disarm their suspicions or doubts
						and open up the doors, so to speak. .