A senior employee received a suspicious email from another executive requesting an urgent wire transfer. Which of the following types of attacks is likely occurring?
Isnt BEC a form of spear phishing technically? The usual plan of attack starts with the Spear Phising campaign and then evolves into a BEC when request for finances is emailed out from another spoofed or compromised email.
Reading the question it says that a senior employee, not specifying the role of this employee meaning that could be someone not from the finance or Executive roles but BEC or Spear Phishing are possible answers but unfortunately just one is correct. I would go to A.
Business Email Compromise (BEC) is a type of scam targeting companies who conduct wire transfers and have suppliers abroad. Corporate or publicly available email accounts of executives or high-level employees related to finance or involved with wire transfer payments are either spoofed or compromised through keyloggers or phishing attacks to do fraudulent transfers, resulting in hundreds of thousands of dollars in losses.
CEO Fraud- Attackers pose as the company CEO or any executive and send an email to employees in finance, requesting them to transfer money to the account they control
https://www.trendmicro.com/vinfo/us/security/definition/business-email-compromise-(bec)
Comptia Pentest+ book:
In a BEC, an attacker usually impersonates a high-level executive or directly hijacks theiremail account. They then send an email to financial personnel, requesting money via a method like awire transfer. Because the financial personnel believe the request is legitimate, they will approve thetransfer. The attacker successfully elicits this payment without stealing it directly.
answer is BEC. threat actor gotten access internal and attempt to trick another exec...
spear phishing is often external to internal..
whaling is often "masquerading" without access to internal email..
As per this specific scenario this is definitely B... "Business Email Compromise (BEC) can be employed, which involves sending a message that appears to be from a coworker or superior (e.g. the CEO or CFO) requesting a high-dollar wire transfer (usually with an imminent “deadline”)."
Business Email Comprise: "Typically an attack targets specific employee roles within an organization by sending a spoof email (or series of spoof emails) which fraudulently represent a senior colleague (CEO or similar) or a trusted customer. The email will issue instructions, such as approving payments or releasing client data. The emails often use social engineering to trick the victim into making money transfers to the bank account of the fraudster."
If it was the first email out and it didn't mention a legitimate email being compromised you would be right. In this instance it is BEC.
upvoted 1 times
...
...
This section is not available anymore. Please use the main Exam Page.PT0-001 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
kloug
2 years, 2 months agomiabe
2 years, 9 months agoanonamphibian
3 years, 2 months agola144
3 years, 6 months agoBill_nye_russian_guy
3 years, 9 months agononyabiz
3 years, 10 months agoboooliyooo
3 years, 10 months agohellobob
3 years, 10 months agoKyle54
3 years, 11 months agoflash1620
3 years, 11 months agoskipcrab
3 years, 10 months ago