Which statement best describes a phishing attempt?

• A. A legitimate way to verify identity online.
• B. Encrypting data to protect privacy.
• C. A fraudulent attempt to obtain sensitive information by pretending to be a trustworthy entity.
• D. Automatically updating security settings without user input.

Answer: (C)

Phishing is a deceptive attempt to obtain sensitive information by pretending to be a trustworthy entity. These attacks often come as emails, texts, or messages that look like they’re from a bank, a service you use, or a familiar company, and they pressure you to reveal usernames, passwords, or financial details. The key idea is deceit aimed at stealing data, not legitimate verification, encryption, or automatic updates. The other options describe real security concepts: verifying identity through proper, secure processes, protecting data with encryption, or updating software automatically. To protect yourself, be wary of urgent requests, verify the sender independently, avoid clicking suspicious links, and use multi-factor authentication.