A security analyst is investigating an unauthorized wire transfer. The investigation reveals an employee received an email with the CFO's correct display name but from a personal email domain. The email created a sense of urgency, pressuring the employee to process a payment to a new, fraudulent vendor account immediately. Which of the following attack types BEST describes this incident?
This incident is an example of a social engineering attack, specifically a type of phishing known as Business Email Compromise (BEC). The attacker manipulated the employee by impersonating a person of authority (the CFO) and creating a false sense of urgency to trick them into bypassing security controls and making an unauthorized wire transfer. The other options are incorrect because they describe different types of attacks that do not fit the scenario's details.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are common types of social engineering attacks?
Open an interactive chat with Bash
How can individuals protect themselves from social engineering attacks?
Open an interactive chat with Bash
What is the difference between social engineering and technical cyberattacks?