A C-level executive has contacted the security team and asked if you can verify the authenticity of an email. The email appears to have come from a bank saying their password has been compromised. The executive states they don't use this bank. After some investigation you find this email went out to around fifty percent of internal email addresses. Which term correctly describes this attack scenario?
|Attacks, Threats, and Vulnerabilities|
|Architecture and Design|
|Operations and Incident Response|
|Governance, Risk, and Compliance|