Which term describes an email-based social engineering attack in which the attacker appears to be a legitimate institution to elicit private information?

Prepare for the Information Security Principles and Frameworks Test. Enhance your understanding with detailed questions, hints, and explanations. Ace your exam with confidence!

Multiple Choice

Which term describes an email-based social engineering attack in which the attacker appears to be a legitimate institution to elicit private information?

Explanation:
Phishing describes an email-based social engineering attack where the attacker pretends to be a legitimate organization to trick you into revealing sensitive information or clicking a malicious link. The key features are delivery via email and the impersonation of a trusted institution—bank, service provider, or similar—to exploit your trust and sense of urgency. Attackers often spoof sender addresses, use logos, and direct you to fake login pages or request credentials, aiming to steal usernames, passwords, or financial data. This makes phishing the precise label for this scenario, since it centers on email as the conduit and the impersonation of a known organization to obtain private information. Impersonation is a broader act of pretending to be someone else and can occur in other channels; pretexting involves a fabricated backstory or scenario, which may be used in phishing but isn’t limited to email.

