The process of gaining access to a computer or network by deception, particularly by persuading its users to reveal a password, install a Trojan horse program, or perform some other insecure action. For example, a user may receive a call from supposed IT staff asking him or her to perform an insecure action under some pretext.