A cloud administrator notices a high volume of emails being sent to employees. The emails appear to be from the internal IT department and request that users click a link to update their security settings. The link, however, directs them to a fraudulent website designed to harvest credentials. Which type of attack does this scenario describe?
Phishing is a type of social engineering attack that uses fraudulent emails or messages appearing to be from a reputable source to trick individuals into revealing sensitive information, such as login credentials. DNS hijacking is a redirection attack where DNS queries are incorrectly resolved to send a user to a malicious website. Pretexting involves an attacker creating a fabricated scenario or pretext to build trust and manipulate a victim into divulging information. SQL injection is a code injection technique used to attack data-driven applications by inserting malicious SQL statements into an entry field for execution.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
How does phishing work?
Open an interactive chat with Bash
What is the difference between phishing and pretexting?
Open an interactive chat with Bash
How can users protect themselves from phishing attacks?