An attacker crafts a message that appears to be from a trusted source, but in reality it redirects the
recipient to a malicious site where information is harvested. The message is narrowly tailored so it is
effective on only a small number of victims. This describes which of the following?
A.
Spear phishing
B.
Phishing
C.
Smurf attack
D.
Vishing
Explanation:
Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking
unauthorized access to confidential data. As with the e-mail messages used in regular phishing
expeditions, spear phishing messages appear to come from a trusted source. Phishing messages usually
appear to come from a large and well-known company or Web site with a broad membership base, such
as eBay or PayPal. In the case of spear phishing, however, the apparent source of the e-mail is likely to be
an individual within the recipient’s own company and generally someone in a position of authority.
Incorrect Answers:B: Phishing messages usually appear to come from a large and well-known company or Web site with a
broad membership base, such as eBay or PayPal rather than a trusted source such as an individual within
the recipient’s own company.
C: A smurf attack is a type of network security breach in which a network connected to the Internet is
swamped with replies to ICMP echo (PING) requests. A smurf attack is a type of DDoS attack; it does not
involve the use email messages to gain access to confidential data.
D: Vishing is the act of using the telephone in an attempt to scam the user into surrendering private
information that will be used for identity theft. The scammer usually pretends to be a legitimate business,
and fools the victim into thinking he or she will profit. Vishing uses verbal communication; it does not
involve the use email messages and does not appear to be from a trusted source such as an individual
within the recipient’s own company.http://searchsecurity.techtarget.com/definition/spear-phishing