Certified Ethical Hacker (CEH v12) — Question 164

An experienced cyber attacker has created a fake LinkedIn profile, successfully impersonating a high-ranking official from a well-established company, to execute a social engineering attack. The attacker then connected with other employees within the organization, receiving invitations to exclusive corporate events and gaining access to proprietary project details shared within the network. What advanced social engineering technique has the attacker primarily used to exploit the system and what is the most likely immediate threat to the organization?

Answer options

• A. Whaling and Targeted Attacks
• B. Pretexting and Network Vulnerability
• C. Spear Phishing and Spam
• D. Baiting and Involuntary Data Leakage

Correct answer: A

Explanation

The correct answer is A, as whaling refers to targeting high-profile individuals within an organization, which fits the scenario of impersonating a senior executive. The other options do not accurately describe the method used or the immediate threat; for instance, pretexting and network vulnerability (B) does not encompass the targeted approach of whaling, while spear phishing (C) and baiting (D) do not specifically relate to the impersonation of a high-ranking official.