Tricking employees into revealing their passwords by pretending to be a legitimate member of a company is known as:

The practice of tricking employees into revealing their passwords by impersonating a legitimate member of the organization is correctly identified as social engineering. This term encompasses a broad range of techniques that manipulate individuals into divulging confidential information, often by exploiting trust or authority.

Social engineering relies on the psychological manipulation of people rather than on technical hacking methods. In the context of a company, an attacker might pose as a manager or IT support staff to gain an employee's trust and coax them into sharing sensitive information, such as passwords or other privileged data.

In contrast, sniffing refers to the act of capturing and analyzing data packets as they travel through a network. Phishing typically involves fraudulent communications, often via email, that trick the recipient into providing personal information, but it does not specifically involve impersonation within the organizational context. Pharming is a more advanced technique that redirects users from legitimate websites to fraudulent ones, without the need for direct interaction or manipulation. Therefore, the definition of social engineering encompasses the act described in the question more directly and accurately.