Quid pro quo is a social engineering attack where the victim is offered something in exchange for sensitive information or access.
Example:
Ava poses as a cybersecurity consultant and offers free security training to company employees in exchange for their login credentials. She claims this activity is part of a simulated phishing exercise. The employees offer their credentials to Ava who then uses them to gain unauthorized access to sensitive company data.
Prevention Tips:
- Be skeptical of offers that seem too good to be true.
- Don’t provide personal information or access in exchange for unsolicited offers.