What's a pretext?

A pretext is a made-up story that social engineers use to convince a victim to reveal secret information or take a malicious action.

How do I use this?

Search by keyword or filter by type of pretext. For example, filter to all pretexts designed for credential harvesting delivered via email.

Contribute

Please review these contribution guidelines prior to submitting a pretext. If you'd like to help curate our collection of pretexts, please DM @joeleonjr.

Pretext Methods Goal Payloads Date Tags
Citrix ShareFile email cred harvest malware doc docx xls xlsx ppt pptx phishing page drive-by-download August 23, 2020 intrigue gossip Citrix File share ShareFile link
Coronavirus Pandemic Loan email info gather doc docx pdf phishing page August 23, 2020 authority urgency pandemic coronavirus covid covid-19 sba small business administration loan relief
Intern Meeting with CEO phone email cred harvest malware doc docx hta phishing page drive-by-download August 23, 2020 authority importance CEO intern internship calendar app meeting schedule meeting
Sexual Harassment Policy Update email cred harvest malware doc docx pdf hta click-once phishing page August 23, 2020 authority urgency HR human resources signature
Web Browser Check email malware hta click-once August 23, 2020 authority urgency IT information technology web browser browser vulnerability
Salary Renegotiation Process email cred harvest malware doc docx pdf hta phishing page drive-by-download August 24, 2020 intrigue salary money negotiation calendar meeting schedule
LinkedIn Invitation Waiting email cred harvest phishing page drive-by-download August 25, 2020 linkedin professional networking social media invitation connection network evilgnx2
Conference Speaker phone email malware doc docx pdf hta phishing page drive-by-download August 26, 2020 intrigue ego conference speaker panelist speech
Link Disguised as Attachment email malware drive-by-download August 26, 2020 fake attachment attachment pdf css html html email
New Voicemail email cred harvest malware hta click-once phishing page drive-by-download August 27, 2020 intrigue surprise voicemail message
Updated Terms of Service email cred harvest phishing page August 27, 2020 terms terms of service tos updated policies privacy policy HR human Resources office 365 o365
Medical Test Results email malware doc docx xls xlsx pdf August 28, 2020 curiosity medical medical results doctor doctors covid coronavirus test results health health insurance
Missed Zoom Meeting email cred harvest phishing page drive-by-download August 28, 2020 missing out missed meeting teleconference zoom intrigue guilt
WebEx Security Vulnerability email cred harvest phishing page drive-by-download August 28, 2020 security cve security vulnerability cybersecurity it security information security urgency information technology it webex cisco teleconference