Quid Pro Quo

Quid pro quo translates to “something for something.” So in the context of social engineering, a quid pro quo attack is when a social engineer offers a service, usually “tech support,” in exchange for access to secure information.

How it works:

  1. A social engineer pretends to be IT support, calling around a company
  2. They keep calling until they find someone with an actual problem
  3. Once they find a victim, they give them malicious instructions
  4. When executed, these instructions compromise the victim’s computer
  5. A social engineer can then install malware, collect information, or infiltrate a network