Associations

The human mind quickly jumps to conclusions and sides with what is familiar to us. This is why we see the Virgin Mary on toast and that woman standing on Mars. Attackers can exploit that by playing with your associations, making it unclear who is calling you and being vague about what they are talking about. Often enough the attacker doesn’t know themselves who they supposed to impersonate, but the person being hacked fills the gaps for them. Who was that just now on the phone talking about some security audit? Must have been Adam. He always bugs people about that stuff. But if it wasn’t Adam, who did you just gave that password to?