312-50V13 · Question #394
312-50V13 Question #394: Real Exam Question with Answer & Explanation
The correct answer is A: Advanced SMS phishing. This scenario describes an Advanced SMS phishing attack, where an attacker leverages legitimate-looking SMS messages to trick a user into providing a sensitive PIN, leading to compromise or abnormal device behavior.
Question
Ben purchased a new smartphone and received some updates on it through the OTA method. He received two messages: one with a PIN from the network operator and another asking him to enter the PIN received from the operator. As soon as he entered the PIN, the smartphone started functioning in an abnormal manner. What is the type of attack performed on Ben in the above scenario?
Options
- AAdvanced SMS phishing
- BBypass SSL pinning
- CPhishing
- DTap 'n ghost attack
Explanation
This scenario describes an Advanced SMS phishing attack, where an attacker leverages legitimate-looking SMS messages to trick a user into providing a sensitive PIN, leading to compromise or abnormal device behavior.
Common mistakes.
- B. Bypass SSL pinning refers to techniques used to circumvent the security mechanism that prevents man-in-the-middle attacks on HTTPS connections to specific servers, which is not applicable to an SMS-based PIN attack.
- C. Phishing is a general term for deceptive attempts to acquire sensitive information, but "Advanced SMS phishing" is a more specific and accurate description for this multi-step, context-aware SMS attack.
- D. "Tap 'n ghost attack" is not a widely recognized or standard term for a mobile phone attack in cybersecurity; it seems to be a fabricated or niche term.
Concept tested. Mobile phishing (Advanced Smishing)
Reference. https://www.cisa.gov/news-events/news/cisa-warns-increase-smishing-attacks
Topics
Community Discussion
No community discussion yet for this question.