312-50V13 Question #142: Real Exam Question with Answer & Explanation

Question

In this attack, a victim receives an e-mail claiming from PayPal stating that their account has been disabled and confirmation is required before activation. The attackers then scam to collect not one but two credit card numbers, ATM PIN number and other personal details. Ignorant users usually fall prey to this scam. Which of the following statement is incorrect related to this attack?

Options

• ADo not reply to email messages or popup ads asking for personal or financial information
• BDo not trust telephone numbers in e-mails or popup ads
• CReview credit card and bank account statements regularly
• DAntivirus, anti-spyware, and firewall software can very easily detect these type of attacks
• EDo not send credit card numbers, and personal or financial information via e-mail

Explanation

The described scenario is a phishing attack, which is a social engineering technique designed to trick users into revealing sensitive information by impersonating a trustworthy entity.

Common mistakes.

• A. Not replying to suspicious emails or pop-ups asking for personal information is a correct and essential countermeasure against phishing.
• B. Not trusting telephone numbers provided in suspicious emails or ads is a correct countermeasure, as attackers often provide fake contact information.
• C. Regularly reviewing financial statements is a crucial post-compromise detection method to identify unauthorized activity resulting from a successful phishing attack.
• E. Sending sensitive information via unencrypted email is inherently insecure and a correct behavior to avoid, especially in response to unsolicited requests.

Concept tested. Phishing attack characteristics and prevention

Reference. https://www.cisa.gov/news-events/news/stop-think-connect-what-you-need-know-about-phishing

No community discussion yet for this question.