Skip to Content

CompTIA A+ Core 2 220-1102: Vishing Attack Explained

By: Author Alex Lim

Posted on

Categories Exam

In the CompTIA A+ Core 2 220-1102 exam, understanding social engineering tactics is crucial. This comprehensive guide explains vishing, an attack where scammers impersonate trusted entities over the phone, and provides strategies to identify and prevent such threats.

Table of Contents

Question

A user receives a call from someone who claims to be from the user’s bank and requests information to ensure the user’s account is safe. Which of the following social-engineering attacks is the user experiencing?

A. Phishing
B. Smishing
C. Whaling
D. Vishing

Answer

D. Vishing

Explanation

The user is experiencing a vishing attack. Vishing, or voice phishing, is a form of social engineering where the attacker uses voice communication, typically over the phone, to impersonate a legitimate entity, such as a bank or government agency. The goal is to trick the victim into revealing sensitive information, like account details or login credentials, or to execute malicious actions on their computer.

In this scenario, the caller claims to be from the user’s bank and requests information under the pretext of ensuring account security. This tactic aims to instill a sense of urgency and trust, manipulating the user into divulging confidential data. Legitimate financial institutions and businesses never request sensitive information over unsolicited phone calls or emails.

To mitigate vishing attacks, users should employ the following countermeasures:

  1. Verify the caller’s identity through official channels, not the provided contact information.
  2. Never disclose personal or financial information over unsolicited calls or emails.
  3. Be cautious of callers creating a sense of urgency or using scare tactics.
  4. Hang up and contact the claimed entity through verified contact information to confirm the request’s legitimacy.
  5. Keep up-to-date with the latest social engineering tactics and educate others.

Protecting against social engineering attacks like vishing is crucial for maintaining the confidentiality and integrity of sensitive information, both personal and organizational.

CompTIA A+ Core 2 220-1102 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the CompTIA A+ Core 2 220-1102 exam and earn CompTIA A+ Core 2 220-1102 certification.