A consultant is launching a phishing campaign to gather employees’ account details. The consultant wants to appear as a familiar colleague and embed a link that collects credentials while avoiding suspicious behavior. Which plan is the most likely to succeed?
Use a disguised coworker name referencing an active project, include a link that resembles the company’s login portal, and request sign-in
Announce an urgent update request to the entire staff with minimal sender details and attach a script reported to fix email synchronization issues
Offer a complimentary gift card if individuals forward their credentials to a newly created mailbox within a short timeframe
Send a message from a generic external domain with a blank subject field that instructs users and managers to respond with account details
Impersonating a known coworker and referencing an ongoing task adds legitimacy, and providing a link that looks similar to the official login page can reduce doubts. Urgent or broad demands typically increase suspicion among recipients, and proposals with unfamiliar motives are less likely to succeed because they stand out as unusual requests.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What techniques make a phishing email more convincing?
Open an interactive chat with Bash
How do attackers disguise phishing links to make them appear trustworthy?
Open an interactive chat with Bash
What are the best practices to recognize and prevent phishing attempts?