Cybersecurity Threats Quiz

A user receives an email claiming to be from their software provider, offering a "critical update" for their operating system. After clicking the attachment, the user’s computer begins to act strangely—files are encrypted, and a ransom message appears demanding payment in Bitcoin for file decryption.

A major online retailer experiences a sudden and significant slowdown of its website during the holiday shopping season. Customers are unable to make purchases or load the site, and the server logs show a high volume of traffic requests originating from various sources.

An employee receives an email from a "trusted vendor" requesting that they verify their account credentials by clicking on a link. The email appears official, with the company logo and professional language. Upon clicking the link, the employee is directed to a website that looks identical to the vendor’s login page, but the URL is slightly misspelled.

While using public Wi-Fi in a coffee shop, a user logs into their online banking account. Unknown to them, an attacker is intercepting the communication between the user and the bank’s server. The attacker is able to capture the user’s login credentials and access their bank account.

A hacker discovers a vulnerability in an online store's login page. The login form doesn't properly validate user input, so the attacker submits an SQL query as their username. This allows the attacker to access the store's database and retrieve customer information, including passwords and credit card details.

A user posts a comment on a website with an embedded JavaScript code that automatically executes when another user views the comment. The script steals the second user's session cookies, allowing the attacker to hijack their account.

An employee at a large organization accesses confidential files from the company’s server, which they have no legitimate need to view, and later leaks them to a competitor for personal financial gain.

A nation-state hacker group is found to have infiltrated a company’s network and maintained stealth access for several months. They collect sensitive corporate data and slowly exfiltrate it without raising any alarms. Their activity is highly sophisticated and tailored to avoid detection.

An attacker uses a tool to try and guess a victim’s password by systematically attempting every possible combination of letters, numbers, and symbols. This attack continues until the correct password is found.

A hacker exploits an unknown vulnerability in a popular operating system before the developers have a chance to fix it. This attack occurs because the vulnerability is undiscovered by the software maker, and there is no patch available at the time of the attack.