C. In a BEC attack, the attacker typically impersonates a high-ranking executive or authority figure within the organization and requests sensitive information or actions from employees. In this case, the HR director is requesting log-in credentials for a cloud administrator account, which is a classic example of BEC where the attacker seeks to gain access to privileged accounts through deception.
Answer: A.
It could be C if there wasn't a better option, but a BEC is about impersonating, and in the answer choice C it doesn't specify that someone is acting as HR, whereas A is a better choice because they are clear that someone is being impersonated. Your boss requests documents all the time; they don't need to demand it. The choice is clearly A.
The best answer is C. The HR Director is not your boss, but someone high in your organization. They are asking for cloud administrator credentials, which has nothing to do with HR, so there is a chance that the director's email account has been compromised and the hacker is now hoping that you will just give in to their request because of the higher rank. In this situation you would follow up with the HR Director in person to determine if they actually made the request and if they really need the credentials for a legitimate reason.
The fact that the email has the executive's name in the display field strongly suggests impersonation, which is a hallmark of BEC. Both A and C involve impersonation, which is central to BEC, with scenario A being a classic BEC because it is specifically leveraging the executive's identity to request a gift card, which is a common BEC tactic.
But the exec’s name being in a field doesn’t indicate there’s a compromise. Receiving a direct email from the HR director indicates that the HR director’s email has been compromised.
I believe it is A, as they muddled the question to state "display field" and not simply From:
It best meets a BEC attack when you change the question to read from the CEO.
A and C are correct, but A is the most common example of a BEC attack; cuz this is a classic BEC attack where an attacker spoofs an executive's email and asks for gift cards or money.
This is a typical BEC scenario, where an attacker impersonates an executive and asks for a gift card or financial transfer, often in an urgent or confidential manner.
C - Is an attempt to steal login credentials, but it is not a typical BEC attack. BEC usually involves financial manipulation or social engineering related to authority figures, not credential theft.
An employee receives a gift card request in an email that has an executive’s name in the display field of the email, as it describes a Business Email Compromise (BEC) attack. BEC relies on social engineering rather than malware or phishing links, where attackers impersonate executives or trusted individuals to manipulate employees into making financial transactions, such as purchasing gift cards or wiring money. Unlike phishing, BEC does not involve fake login pages but instead creates a sense of urgency to pressure the target.
The best answer is A. The email request for a service implies that the email account has already been compromised. In answer C, the HR director is requesting information in an "attempt" to compromise the user's account. Flagging said email would mean that the attack has been averted and NOT compromised.
At first, I was going to pick A but C fits the description more. In this case, why would an HR Coordinator ask for the login credentials of an employee? If they needed information, they could've asked the manager or director, but most times they can access it themselves.
A. An employee receives a gift card request in an email that has an executive’s name in the display field of the email.
This scenario describes a typical Business Email Compromise (BEC) attack, where a malicious actor impersonates an executive or other trusted individual in order to deceive an employee into taking a specific action, such as purchasing gift cards or transferring funds. In BEC attacks, the attacker often uses social engineering to exploit the authority of a known figure within the company.
Other options describe different types of cyberattacks:
B is likely a ransomware attack (demanding payment for access to files).
C could be a phishing or credential harvesting attack.
D is an example of a phishing attack aimed at stealing login credentials.
A. This scenario describes a Business Email Compromise (BEC) attack, which is a type of phishing attack that relies on social engineering. In a BEC attack, attackers impersonate a trusted individual (often an executive) and use their name or email address to request sensitive information, payments, or, as in this case, gift cards. These attacks often rely on urgency and authority to trick employees into acting without verifying the request.
This answer is from AI but it is acceptable
Why Option C isn't BEC?
Option C: "A service desk employee receives an email from the HR director asking for log-in credentials to a cloud administrator account."
While this is a phishing attack (attempting to gather log-in credentials), it doesn't fit the typical BEC scenario. BEC usually involves financial fraud or manipulation to get employees to act in a way that benefits the attacker (like transferring funds or buying gift cards).
While this could be part of a social engineering attack, it's more likely a case of phishing or pretexting, rather than BEC, because the attacker is trying to steal credentials (access to cloud admin accounts) rather than performing financial fraud.
A. executive name is something you can find online.
B/D are just phishing.
C actually involves a high-ranking member's intranet email address, which indicates a compromise in the security.