This tactic is particularly harmful because if real employees can be tricked into believing the criminal is actually a coworker or a member of upper management, it is not very difficult for a charismatic social engineer to manipulate the employee into divulging extremely sensitive information, or even worse, unwittingly grant the impersonator unfettered access to the network.
As improbable as this technique seems, it is actually a favorite weapon in the social engineer's arsenal, and it has a frighteningly high rate of success! The primary reasons for the technique's popularity are (1) the information necessary to construct a credible pre-text is readily available, (2) there is almost no chance of being identified or …show more content…
To accomplish this, he must devise a believable story - or a "pre-text" - based on as much factual information as possible. Given that most companies and their staff members post volumes of information and data about the organization, its employees and its practices throughout various online sources, forming a detailed pre-text is often the easiest part of the process.
The "fellow employee" pre-text usually centers on a new employee, an off-site worker, or even a manager from a non-descript department who needs technical assistance, such as resetting credentials, creating a new account or reconnecting to the network from a different location. In these scenarios, the social engineer must conduct a bit of research about the company and its practices, then collect enough verifiable information about the persona he will be assuming so that the elaborate lie can withstand at least a minimal amount of