This presentation examines a social engineering project that was implemented by an undergraduate student in the summer of 2019 at Temple University. The social engineering project focused on the technique of pretexting, which involves someone presenting themselves as someone else in order to acquire information or to convince someone to disclose information. This project utilized the social engineering tactic of pretexting in order to determine how susceptible college students are in disclosing information that is often used for online passwords or security questions. Each of four pretexts used in this project involved the targets answering the same set of questions through a survey that asked for potentially sensitive information, such as their mother’s maiden name or the street that they grew up on. After completing the survey, the targets received full disclosure and were interviewed about their participation, which provided findings for the targets’ rationale behind answering or skipping specific questions, their levels of awareness of the sensitivity of such data, and their reasonings for trusting the social engineer and agreeing to participate. This presentation discusses each pretext and the corresponding psychological principles of persuasion to convince the college students to complete the survey, including reciprocity and the natural inclination to help. Additionally, the presentation outlines the response rates of each question compared among each of the four pretexts and examines the findings from the post-disclosure interviews. Some of the most commonly skipped questions included “Student ID number” and “What is your mother’s maiden name?”. General themes identified from the interviews included the importance of similarities between the social engineer and the target, the social engineer’s adherence to the character role of the pretext, the target’s awareness of question sensitivity, and the overall differences between online and offline disclosure. Findings suggest that college students are more likely to disclose private information if the attacker shares a similar trait with the target or if the attacker adheres to the character role they are impersonating.