Certified Ethical Hacker (CEH v13) — Question 243

While browsing his Facebook feed, Matt sees a picture one of his friends posted with the caption, “Learn more about your friends!”, as well as a number of personal questions. Matt is suspicious and texts his friend, who confirms that he did indeed post it. With assurance that the post is legitimate, Matt responds to the questions on the post. A few days later, Matt’s bank account has been accessed, and the password has been changed.
What most likely happened?

Answer options

• A. Matt inadvertently provided the answers to his security questions when responding to the post.
• B. Matt inadvertently provided his password when responding to the post.
• C. Matt’s computer was infected with a keylogger.
• D. Matt’s bank account login information was brute forced.

Correct answer: A

Explanation

The most likely scenario is that Matt unwittingly disclosed the answers to his security questions, which are often derived from personal information shared on social media. This enabled someone to reset his bank account password. The other options are less likely since there's no indication he provided his password directly, a keylogger infection isn't mentioned, and brute forcing requires more effort than simply obtaining security question answers.