Which term best describes an attack that relies mainly on deceit and trickery to obtain personal information from users?

The idea here is about manipulating people to reveal sensitive data rather than breaking into systems directly. That broad tactic is called social engineering. It relies on deceit and trickery—using persuasion, manipulation, or false pretenses to get users to share passwords, financial details, or other personal information. Phishing is a common method within social engineering, where fraudulent messages try to look legitimate to lure you into entering credentials. Catfishing involves deception for romantic or social purposes, not specifically security data. Doxing is about publicly exposing someone’s private information, not about tricking them into giving it up. So the term that best describes an attack based on deceit and trickery to obtain personal information is social engineering, since it covers the wide range of manipulation tactics used to bypass human safeguards.