Which technique tricks individuals into revealing sensitive information during reconnaissance attacks?

The technique that effectively tricks individuals into revealing sensitive information during reconnaissance attacks is social engineering. This method relies on psychological manipulation rather than technical hacking skills. Attackers exploit human trust and curiosity to gain sensitive information, often posing as trusted figures or creating scenarios that compel the target to disclose details.

For instance, an attacker might impersonate an IT support technician, asking employees for their usernames and passwords under the pretext of performing system updates. This direct interaction with a potential victim can yield critical data that might not be accessible through more technical means.

While techniques like ping sweeping, port scanning, and DNS footprinting gather system information and map network resources, they do not involve interaction with individuals. Such methods focus on finding out which devices are active or identifying open ports, but they lack the human element that characterizes social engineering attacks. Therefore, social engineering stands out as the technique that specifically manipulates people into divulging sensitive information.