Quid pro quo attack definition
A quid pro quo attack is a type of social engineering attack in which the attacker promises the victim a favor in exchange for information or other benefits. The phrase “quid pro quo” comes from Latin and means “something for something.”
Quid pro quo attack scheme
When launching a quid pro quo attack, the attacker offers the victim some benefit. It could be a service, such as removing malware and potential viruses from the victim's computer.
To receive the benefit, the victim must first do something – for example, give the attacker access to their computer or send them their login credentials.
Some quid pro quo attacks might appear innocuous. Attackers may only ask for phone numbers or email addresses, but these can be used in future malicious campaigns, e.g., for phishing.
Quid pro quo attack prevention
Most quid pro quo attacks can be avoided. Users need to be aware of this method and know not to share their personal information with random strangers.
The best way to protect yourself is not to engage in any exchange unless you are the one who initiated the communication.