You are working as a technician at Certkiller .com. You receive an call from a suspicious user that
has received an email stating that the company’s network administrators are attempting to validate
the complexity of login passwords by requesting that users provide the password in a reply email.
Which of following actions should recommend the user to take?
A.
Send a reply message with an encrypted signature attached.
B.
Send a reply message containing the password.
C.
Deny the request by deleting the email.
D.
Encrypt the reply and send the reply to the requestor.
Explanation:
This is one of the numerous variants of a social engineering attack where someone asks to get
your logon name and password by pretending to be someone who you normally would trust.