A financial services company discovers that several employees have been unknowingly downloading malware. Investigation reveals that the malware originated from a legitimate website frequently accessed by the company's staff for industry news. What type of attack is most likely responsible for this compromise?
This scenario describes a watering hole attack, where attackers target a specific group by compromising a trusted website they visit regularly to deliver malware. Unlike phishing, which typically involves deceptive emails, or drive-by downloads that can affect any visitor, watering hole attacks are strategically aimed at particular organizations or communities.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a watering hole attack?
Open an interactive chat with Bash
How does a watering hole attack differ from phishing?
Open an interactive chat with Bash
What defenses can organizations implement against watering hole attacks?