Certified Ethical Hacker (CEH v13) — Question 6

Johnson, an attacker, performed online research for the contact details of reputed cybersecurity firms. He found the contact number of sibertech.org and dialed the number, claiming himself to represent a technical support team from a vendor. He warned that a specific server is about to be compromised and requested sibertech.org to follow the provided instructions. Consequently, he prompted the victim to execute unusual commands and install malicious files, which were then used to collect and pass critical information to Johnson’s machine.
What is the social engineering technique Steve employed in the above scenario?

Answer options

• A. Diversion theft
• B. Quid pro quo
• C. Elicitation
• D. Phishing

Correct answer: B

Explanation

The correct answer is B, quid pro quo, as the attacker impersonated a technical support team member and offered assistance in exchange for the victim's compliance. The other options do not fit this scenario; diversion theft involves distracting the target to steal something directly, elicitation focuses on extracting information without raising suspicion, and phishing typically involves fake emails or websites to trick the target.