Exam 350-201 topic 1 question 81 discussion

The combination of increased incoming spam emails and web scraping alerts suggests a phishing attempt. Phishing is a type of social engineering attack where attackers send fraudulent messages designed to trick individuals into revealing sensitive information or deploying malicious software. Web scraping can be used to gather email addresses for such campaigns

Based on the given information, it is difficult to definitively determine the type of compromise that is indicated. However, the web scraping alerts suggest that an attacker may be using an automated tool to scrape data from the company's website, potentially including email addresses or other information that could be used in spam or phishing campaigns. Therefore, options A and C (phishing and social engineering) are both possible, but there is not enough information to determine whether option B (dumpster diving) or option D (privilege escalation) are relevant in this case. Further investigation would be needed to determine the exact nature of the compromise. - ChatGPT

A. phishing Phishing is a type of social engineering attack that is used to trick individuals into providing sensitive information, such as login credentials or financial information. In this scenario, the engineer is investigating several cases of increased incoming spam emails and suspicious emails from the HR and service departments. This is an indication of a phishing attack, as the attacker is likely using emails to trick individuals into providing sensitive information or installing malware.

https://datacentrereview.com/2022/09/how-phishing-threats-can-be-neutralised-with-web-scraping/#:~:text=How%20web%20scraping%20identifies%20phishing%20websites%20Businesses%20take,analysts%20to%20determine%20if%20they%20are%20legitimate%20businesses.

Web Scrapping and Phishing are social engineering soo the answer is C

Agree - phishing

A - phishing is the right answer