PrepAway - Latest Free Exam Questions & Answers

Which of the following attacks has taken place?

A user has unknowingly gone to a fraudulent site. The security analyst notices the following system
change on the user’s host:
Old 'hosts' file:
127.0.0.1 localhost
New 'hosts' file:
127.0.0.1 localhost
5.5.5.5 www.comptia.com
Which of the following attacks has taken place?


A. Spear phishing

B. Pharming

C. Phishing

D. Vishing

Explanation:
The question shows that a fraudulent entry has been added to the user’s hosts file. This entry points
www.comptia.com to 5.5.5.5 instead of the correct IP address.
Similar in nature to e-mail phishing, pharming seeks to obtain personal or private (usually financial)
information through domain spoofing. Rather than spamming you with malicious e-mail requests to visit
spoofed Web sites that appear legitimate, pharming ‘poisons’ a DNS server (or hosts file) by inserting
false information into it, so that a user’s request is redirected elsewhere. Your browser, however, will
show that you are at the correct Web site, which makes pharming a bit more serious and more difficult to
detect. Phishing attempts to scam people one at a time with an e-mail, while pharming allows the
scammers to target large groups of people at one time through domain spoofing.
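A defender can catch the change shown in the question by comparing the hosts file against a known-good baseline. The Python code below is an added example, not part of the original question; the baseline, the sample input and the function names parse_hosts and audit_hosts are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: the "new" hosts file from the question, plus a comment line.
SAMPLE_HOSTS = """\
# constructed sample input
127.0.0.1 localhost
5.5.5.5 www.comptia.com
"""

# Assumption: the known-good baseline is the "old" hosts file from the question.
BASELINE = {("127.0.0.1", "localhost")}


def parse_hosts(text):
    """Return (line_no, ip, hostname) for every name mapping in hosts-file text."""
    entries = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()  # strip comments, split on whitespace
        if len(fields) < 2:
            continue  # blank line, comment, or an address with no name
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue  # first field is not an IP literal; skipped in this example
        for name in fields[1:]:  # one line may map several names
            entries.append((line_no, ip, name.lower()))
    return entries


def audit_hosts(text, baseline=BASELINE):
    """List entries missing from the baseline as (line_no, ip, hostname, kind)."""
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if (ip, name) in baseline:
            continue
        addr = ipaddress.ip_address(ip)
        # Loopback or 0.0.0.0/:: entries block a name; anything else redirects it.
        kind = "sinkhole" if addr.is_loopback or addr.is_unspecified else "redirect"
        findings.append((line_no, ip, name, kind))
    return findings


if __name__ == "__main__":
    for line_no, ip, name, kind in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {name} -> {ip} ({kind}, not in baseline)")
```

To audit a real host, pass the contents of /etc/hosts (Linux, macOS) or C:\Windows\System32\drivers\etc\hosts (Windows) to audit_hosts with a baseline taken from a trusted image.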
Incorrect Answers:
A: Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking
unauthorized access to confidential data. As with the e-mail messages used in regular phishing
expeditions, spear phishing messages appear to come from a trusted source. Phishing messages usually
appear to come from a large and well-known company or Web site with a broad membership base, such
as eBay or PayPal. In the case of spear phishing, however, the apparent source of the e-mail is likely to be
an individual within the recipient’s own company and generally someone in a position of authority. In this
question, hosts file poisoning is used rather than email.
C: Phishing is the act of sending an email to a user falsely claiming to be an established legitimate
enterprise in an attempt to scam the user into surrendering private information that will be used for
identity theft.
A phishing email will direct the user to visit a website where they are asked to update personal information,
such as a password, credit card, social security, or bank account numbers, that the legitimate organization
already has. The website, however, is bogus and set up only to steal the information the user enters on
the page. In this question, hosts file poisoning is used rather than email.
D: Vishing (voice or VoIP phishing) is an electronic fraud tactic in which individuals are tricked into
revealing critical financial or personal information to unauthorized entities. Vishing works like phishing
but does not always occur over the Internet and is carried out using voice technology. A vishing attack can
be conducted by voice email, VoIP (voice over IP), or landline or cellular telephone. In this question, hosts
file poisoning is used rather than voice.
