A consultant is launching a phishing campaign to gather employees’ account details. The consultant wants to appear as a familiar colleague and embed a link that collects credentials while avoiding suspicious behavior. Which plan is the most likely to succeed?
Offer a complimentary gift card if individuals forward their credentials to a newly created mailbox within a short timeframe
Announce an urgent update request to the entire staff with minimal sender details and attach a script reported to fix email synchronization issues
Send a message from a generic external domain with a blank subject field that instructs users and managers to respond with account details
Use a disguised coworker name referencing an active project, include a link that resembles the company’s login portal, and request sign-in
Impersonating a known coworker and referencing an ongoing task adds legitimacy, and providing a link that looks similar to the official login page can reduce doubts. Urgent or broad demands typically increase suspicion among recipients, and proposals with unfamiliar motives are less likely to succeed because they stand out as unusual requests.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What techniques make phishing attempts appear more legitimate?
Open an interactive chat with Bash
How can users identify a fake login page in phishing emails?
Open an interactive chat with Bash
Why do urgent or broad demands increase suspicion in phishing scenarios?