(also pretexting attack)
A social engineering attack where the victim is tricked by a fake scenario (a pretext) to perform an action or reveal personal information. To get victims to lower their guard, attackers often impersonate people the former naturally trusts, like coworkers or officials.
2018: hackers impersonated Cabarrus County (US) suppliers and tricked officials into making payments to a fake bank account, stealing around 1.7 million dollars.
2020: a cybercriminal impersonated Barbara Corcoran’s assistant and through email tricked her into losing nearly 400,000 dollars.