nerdexam
EC-Council

312-50V13 · Question #389

An attacker can employ many methods to perform social engineering against unsuspecting employees, including scareware. What is the best example of a scareware attack?

The correct answer is D. A pop-up appears to a user stating, "Your computer may have been infected with spyware. Click. The best example of a scareware attack is a pop-up warning of a potential computer infection, aiming to frighten users into purchasing fake software or clicking malicious links.

Submitted by zhang_li· Mar 6, 2026Social Engineering

Question

An attacker can employ many methods to perform social engineering against unsuspecting employees, including scareware. What is the best example of a scareware attack?

Options

  • AA pop-up appears to a user stating, "You have won a free cruise! Click here to claim your prize!"
  • BA banner appears to a user stating, "Your account has been locked. Click here to reset your
  • CA banner appears to a user stating, "Your Amazon order has been delayed. Click here to find out
  • DA pop-up appears to a user stating, "Your computer may have been infected with spyware. Click

How the community answered

(32 responses)
  • A
    6% (2)
  • B
    3% (1)
  • C
    3% (1)
  • D
    88% (28)

Why each option

The best example of a scareware attack is a pop-up warning of a potential computer infection, aiming to frighten users into purchasing fake software or clicking malicious links.

AA pop-up appears to a user stating, "You have won a free cruise! Click here to claim your prize!"

This is a typical example of a giveaway or prize scam, which is a different type of social engineering, often used in phishing.

BA banner appears to a user stating, "Your account has been locked. Click here to reset your

This message attempts to induce urgency and fear of account loss, but it's more aligned with credential phishing than scareware.

CA banner appears to a user stating, "Your Amazon order has been delayed. Click here to find out

This message preys on user concern for deliveries but is typically a phishing attempt to gather login credentials or distribute malware, not primarily to scare users about system health.

DA pop-up appears to a user stating, "Your computer may have been infected with spyware. ClickCorrect

Scareware aims to scare users into believing their computer is infected or has a serious problem, then prompts them to download or purchase fake security software or click malicious links to 'fix' the issue. A pop-up claiming a spyware infection directly aligns with this tactic.

Concept tested: Social engineering (Scareware)

Source: https://www.microsoft.com/en-us/security/business/security-101/what-is-scareware

Topics

#scareware#social engineering#malware#phishing

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice