Helpdesk impersonation is a social-engineering tactic in which an attacker pretends to be IT support, a service desk agent, or another trusted helper. The goal is to pressure a target into taking an unsafe action, such as sharing a password, approving a login, opening a file, visiting a link, or changing security settings. Because the request sounds routine and urgent, victims often lower their guard.
This tactic matters in cyber security because it turns trust into an attack path. In real intrusions, attackers may use email, chat, SMS, or voice to imitate support staff and exploit the user’s expectation that helpdesk requests are legitimate. Defenders reduce the risk by verifying requests through a separate channel, using strong MFA, applying Conditional Access, and training users to treat unexpected support messages as suspicious. Helpdesk impersonation is especially dangerous when combined with account compromise, since a trusted identity can make malicious instructions look normal.