What is pretexting in social engineering?

Pretexting is a social engineering technique where the attacker creates a fabricated scenario, or pretext, to gain the victim's trust and extract information or access. The attacker assumes a false identity such as IT support, a bank representative, a vendor, or a coworker and builds a believable story requiring the victim's cooperation. For example, an attacker might call claiming to be from the help desk performing a mandatory password reset. Pretexting differs from phishing because it relies on interactive conversation and relationship building rather than a single deceptive message.