CompTIA Security+ (SY0-501) — Question 649

Ann, a user, reports she is receiving emails that appear to be from organizations to which she belongs, but the emails contain links to websites that do not belong to those organizations. Which of the following security scenarios does this describe?

Answer options

• A. A hacker is using Ann's social media information to create a spear phishing attack
• B. The DNS servers for the organizations have been hacked and are pointing to malicious sites
• C. The company's mail system has changed the organization's links to point to a proxy server for security
• D. Ann's computer is infected with adware that has changed the email links

Correct answer: A

Explanation

The correct answer is A because it describes a targeted phishing attack using the user's personal information to deceive her into clicking malicious links. Option B is incorrect as it suggests a DNS compromise, which isn't indicated in the scenario. Option C is incorrect because there is no mention of a proxy server involvement, and option D is invalid since it implies adware is responsible for the link changes, while the scenario specifically points to phishing.