Skip to Content

CompTIA 220-1102: What is an Example of Phishing Attack?

By: Author Alex Lim

Posted on  - Last updated:

Categories Exam

Learn how to identify phishing attacks in this CompTIA A+ 220-1102 certification practice question. Discover the key signs of phishing emails and how to protect against them.

Table of Contents

Question

Employees at comptia.org are reporting getting a usual amount of emails from a coworker. A technician discovers the emails were sent from the following address: [email protected].

Which of the following social engineering attacks is this an example of?

A. Whaling
B. Insider threat
C. Phishing
D. Vishing
E. Evil twin

Answer

C. Phishing

Explanation

This scenario is an example of a phishing attack. Phishing is a type of social engineering where an attacker sends fraudulent emails pretending to be from a legitimate source, like a coworker or trusted organization, in order to trick the victim into revealing sensitive information or downloading malware.

The key detail that identifies this as phishing is that the email address, [email protected], uses a slight variation of the legitimate CompTIA domain name. The “O” in “comptia” is uppercase, whereas the real domain uses all lowercase letters. This is a common phishing tactic to make a malicious URL look very similar to a trusted one.

The other attack types can be ruled out:

  • Whaling specifically targets high-profile individuals, not regular employees
  • An insider threat comes from a malicious actor within the organization, but the email address shows this is an external attack
  • Vishing is voice phishing done over the phone, not via email
  • An evil twin attack involves setting up a fraudulent Wi-Fi access point, which is not described here

To protect against phishing, organizations should educate employees on how to spot suspicious emails, including carefully examining URLs and email addresses. Technical controls like email filters and antivirus software provide additional layers of defense. Ultimately, vigilance and verification are key to preventing phishing compromises.

CompTIA 220-1102 certification exam assessment practice question and answer (Q&A) dump including multiple choice questions (MCQ) and objective type questions, with detail explanation and reference available free, helpful to pass the CompTIA 220-1102 exam and earn CompTIA 220-1102 certification.