An employee reports receiving an urgent phone call from someone claiming to be from the IT help desk. The caller stated that the employee's account was compromised and that they needed to provide their password immediately to secure it. This type of social engineering attack is best described as what?
Vishing, a combination of 'voice' and 'phishing', is a social engineering attack where attackers use voice communication (like phone calls or VoIP) to trick individuals into divulging sensitive information. In this scenario, the attacker used a phone call to create a sense of urgency and impersonated a trusted source (the IT help desk) to manipulate the employee into revealing their password. Smishing is similar but uses SMS text messages. Whaling is a phishing attack that specifically targets high-profile executives. Pharming redirects users from a legitimate website to a fraudulent one to steal credentials, often without direct user interaction like a phone call.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is VoIP, and why is it often used in vishing attacks?
Open an interactive chat with Bash
How does vishing differ from smishing and phishing?
Open an interactive chat with Bash
What are some common techniques attackers use in vishing scams?