nerdexam
EC-Council

312-50V13 · Question #396

Stephen, an attacker, targeted the industrial control systems of an organization. He generated a fraudulent email with a malicious attachment and sent it to employees of the target organization. An em

The correct answer is A. Spear-phishing attack. Stephen used a spear-phishing attack, sending a targeted malicious email to specific employees within the ICS organization, which resulted in malware infection and subsequent damage to industrial automation components.

Submitted by devops_kid· Mar 6, 2026Social Engineering

Question

Stephen, an attacker, targeted the industrial control systems of an organization. He generated a fraudulent email with a malicious attachment and sent it to employees of the target organization. An employee who manages the sales software of the operational plant opened the fraudulent email and clicked on the malicious attachment. This resulted in the malicious attachment being downloaded and malware being injected into the sales software maintained in the victim's system. Further, the malware propagated itself to other networked systems, finally damaging the industrial automation components. What is the attack technique used by Stephen to damage the industrial systems?

Options

  • ASpear-phishing attack
  • BSMishing attack
  • CReconnaissance attack
  • DHMI-based attack

How the community answered

(67 responses)
  • A
    75% (50)
  • B
    7% (5)
  • C
    3% (2)
  • D
    15% (10)

Why each option

Stephen used a spear-phishing attack, sending a targeted malicious email to specific employees within the ICS organization, which resulted in malware infection and subsequent damage to industrial automation components.

ASpear-phishing attackCorrect

A spear-phishing attack is a highly targeted phishing attempt directed at specific individuals or organizations, often leveraging information about the target to increase the likelihood of success. In this case, the attacker specifically targeted employees of an industrial control system organization with a malicious attachment, leading to a system compromise.

BSMishing attack

A SMishing attack is a type of phishing that uses SMS (text messages) to trick victims, which is not what occurred here as the attack used email.

CReconnaissance attack

A reconnaissance attack involves gathering information about a target before launching a primary attack, not the act of delivering malware itself.

DHMI-based attack

An HMI-based attack targets Human-Machine Interface systems directly, but the initial vector here was an email opened by an employee, leading to malware that then propagated to industrial components, making spear-phishing the initial attack technique.

Concept tested: Social engineering (Spear phishing)

Source: https://www.cisa.gov/news-events/news/cisa-urges-organizations-remain-vigilant-against-spearphishing-emails

Topics

#spear phishing#malicious attachment#social engineering#ICS attack

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice