You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist's email, and you send her an email changing the source email to her boss's email( boss@company ). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don't work. She reads your email, opens the links, and her machine gets infected. You now have access to the company network. What testing method did you use?

Question

Quizplus · Accepted Answer

Social engineering is the art of manipulating people into performing actions or divulging information that they would not normally do. In this case, the attacker used social engineering to trick the receptionist into opening a malicious PDF file, which gave the attacker access to the company network.

You Are Tasked to Perform a Penetration Test