Threats Using Personalized Information

D.

The threat that uses personalized information in an attempt at obtaining information is called spear phishing.

Spear phishing is a form of targeted phishing attack that is directed towards a specific individual or group of individuals, usually within an organization. The attacker attempts to obtain sensitive or confidential information by using personalized and convincing messages that appear to come from a trusted source.

Spear phishing attacks are more sophisticated than traditional phishing attacks, as the attacker does research on the targeted individuals to tailor the message specifically to them. This may include using personal information such as the individual's name, job title, or even recent online activities to make the message appear more legitimate and increase the chances of success.

Whaling, impersonation, and spoofing are all related to phishing attacks, but they do not involve personalized information in the same way that spear phishing does.

Whaling is a specific form of spear phishing that targets high-level executives or individuals with access to sensitive information, with the aim of obtaining valuable information or gaining access to secure systems.

Impersonation involves pretending to be someone else in order to gain access to sensitive information or systems. This can be done through social engineering tactics, such as pretending to be a trusted colleague or IT support person.

Spoofing involves creating fake websites, email addresses, or other online identities that appear to be legitimate in order to trick individuals into revealing sensitive information or downloading malware.

In summary, while all of these threats are related to phishing attacks, spear phishing is the one that uses personalized information to increase the chances of success in obtaining sensitive information or access to secure systems.