A company's IT department recently received complaints from several employees that they have been contacted by 'tech support' via phone call, requesting their login credentials to resolve a supposed network issue. Which of the following best describes this type of security threat?
The correct answer is 'Vishing'. Vishing, or voice phishing, involves an attacker using the telephone system in an attempt to scam the user into disclosing private information by pretending to be a legitimate entity, in this case, the company's IT department. Email phishing is incorrect as it specifically refers to the use of emails for scamming users. Smishing involves sending text messages, which is not the case here. Pretexting is the creation of a fabricated scenario to steal information, which is a component of this attack; however, vishing is the more specific and accurate term because the attack is delivered via a phone call.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is vishing, and how does it differ from other phishing techniques?
Open an interactive chat with Bash
What are common signs that a phone call might be a vishing attempt?
Open an interactive chat with Bash
How can companies train employees to avoid falling for vishing attacks?