Which feature is commonly used by phishing emails to entice responders to disclose credentials?

• A. A straightforward, non-urgent request for a password.
• B. A legitimate-looking request with no links.
• C. A request for sensitive data or login details accompanied by suspicious links or attachments and a sense of urgency.
• D. A message from a trusted colleague with no action required.

Answer: (C)

Phishing relies on social engineering that pressures you to reveal credentials by pretending to be legitimate and urgent. The best answer describes a request for sensitive data or login details that comes with suspicious links or attachments and a sense of urgency. That combination is powerful because it lowers your defenses and pushes you to act quickly, often leading you to enter credentials on a fake site or click a malicious attachment. A plain, non-urgent password request isn’t as deceptive, a legitimate-looking request with no links isn’t a trap, and a message from a trusted source with no required action doesn’t prompt credential disclosure. The key pattern is a prompt for credentials paired with suspicious content and urgency.