An IT team rolls out a new management application that uses a randomly generated MFA token sent to the administrator's phone. Despite this new MFA precaution, there is a security breach of the same software.
Which of the following describes this kind of attack?
Correct Answer: D
Comprehensive and Detailed Explanation From Exact Extract:
If MFA is in place yet attackers still breach the system, the compromise most likely resulted from social engineering, specifically pretexting. Pretexting occurs when an attacker fabricates a convincing scenario (a
"pretext") to trick the victim into revealing authentication information, such as OTP codes, MFA prompts, or login details. Even strong MFA cannot prevent an attack when a human is tricked into voluntarily providing the code.
Smishing (A) involves fraudulent SMS messages, but no messaging is mentioned in the scenario.
Typosquatting (B) involves deceptive URLs that appear similar to legitimate sites and is unrelated to MFA compromise. Espionage (C) refers to stealing sensitive or national-security-related information, not bypassing MFA protections.
Security+ SY0-701 details pretexting under Social Engineering Attacks, emphasizing that MFA does not fully mitigate human manipulation. Attackers frequently impersonate IT staff, vendors, or automated systems to convince victims to "verify" or "confirm" credentials. This perfectly matches a breach where MFA was present but still circumvented through deception.