Q: 9
A junior network administrator gets a text message from a number posing as the domain registrar of
the firm. The administrator is tricked into providing global administrator credentials. Which of the
following attacks is taking place?
Options
Discussion
Maybe D. It's a text message, so feels like classic smishing, but I get why some might think C since there's social engineering involved. Not totally sure though, since the terms can get mixed up sometimes.
Text message as the attack method basically screams D. Smishing is the SMS phishing one, vishing is for voice calls. Pretty sure about this but open if someone sees it differently.
I went with C since the attacker impersonates a legit org and tricks the admin into giving up creds, kinda like classic vishing. I thought vishing could sometimes use text messages too, not just voice calls, as long as there's social engineering over comms. Probably missing a fine point here but that's my reasoning. Anyone see it another way?
D tbh, text message means smishing not vishing. Pretty sure that's what CompTIA wants here.
Yeah, this one is D. The key part is the attack coming through a text message, which is classic smishing-not vishing since that's for voice calls. Someone could mix these up but I'm confident on D here.
C I remember a similar question in a practice exam and picked C since it asked about being tricked by someone pretending to be the registrar. Vishing feels right because it's social engineering. Not 100 percent though, feel free to disagree.
C is voice, not SMS. Why not D since it's through text?
D , C is a trap here since that's for calls, not texts.
Saw this in the official guide too, D. Official practice tests also use smishing for SMS phishing.
D tbh, smishing is just phishing over SMS/text messages. Seen almost the same example in a mock before. Vishing would be a voice call, so doesn't fit here. Anyone else remember this type?
Be respectful. No spam.
