Social engineering is a psychological manipulation technique that cybercriminals and attackers use to deceive individuals into divulging confidential information, performing actions, or compromising security measures. Social engineering exploits human psychology and behavior rather than relying solely on technical vulnerabilities. It involves various tactics aimed at exploiting trust, fear, curiosity, and other emotions to manipulate targets.
The Symosis social engineering risk simulation consists of the following activities:

  • Phishing: Attackers use fraudulent emails, messages, or websites that appear to be from legitimate sources, aiming to trick recipients into revealing sensitive information like passwords, credit card numbers, or login credentials.

  • Spear Phishing: A targeted form of phishing where attackers gather specific information about a person or organization to craft personalized messages that are more convincing.

  • Whaling: Similar to spear phishing, but targeting high-profile individuals such as executives or celebrities to gain access to sensitive data or financial resources.

  • Baiting: Attackers offer something enticing, such as free software, to lure victims into downloading malicious software or providing personal information.

  • Pretexting: Attackers create a fabricated scenario or pretext to elicit information from individuals. For example, an attacker might pose as a coworker or service provider and request sensitive information.

  • Quid Pro Quo: Attackers promise something in return for information or assistance. For instance, they might offer technical support in exchange for login credentials.

  • Tailgating or Piggybacking: An attacker physically follows an authorized person into a restricted area, exploiting the victim’s natural tendency to hold doors open for others.

  • Impersonation: Attackers pose as legitimate individuals or entities, such as tech support, to gain trust and manipulate victims into taking actions that compromise security.

  • Reverse Social Engineering: Attackers gain victims’ trust and then manipulate them into providing sensitive information or performing actions.

  • Human-Based Attacks: Techniques that involve direct interaction with individuals, such as phone calls or in-person conversations, including convincing them to provide information over the phone.