Unauthorized Data Request: CEO Impersonation Attack | Exam SY0-601 | CompTIA Security+

CEO Impersonation Attack

Question

An employee receives an email, which appears to be from the Chief Executive Officer (CEO), asking for a report of security credentials for all users.

Which of the following types of attack is MOST likely occurring?

Answers

Explanations

A. B. C. D.

D.

The attack described in the question is an example of a social engineering attack. Social engineering attacks rely on manipulating individuals into disclosing sensitive information or performing actions that they would not normally perform.

In this scenario, the attacker is impersonating the CEO of the company, which is a form of pretexting. The attacker is attempting to trick the employee into disclosing sensitive information, specifically security credentials for all users.

Whaling is a specific type of social engineering attack that targets high-level executives, like CEOs, in an attempt to gain access to valuable information. In this case, the attack could be considered whaling since the attacker is posing as the CEO.

Spear phishing is another type of social engineering attack where an attacker sends emails to specific individuals or groups, often with personalized information, to trick them into disclosing sensitive information or clicking on malicious links. While this attack could also be classified as spear phishing, it is more specific to whaling since the attacker is targeting a high-level executive.

Policy violation is not an appropriate answer to this question since it is not a type of attack. Policy violations may occur as a result of an attack, but they are not the attack itself.

In conclusion, the correct answer is B. Social engineering.