A user receives an SMS that asks for bank details. Which social-engineering technique was used?

The situation described involves a user receiving a text message (SMS) that asks for sensitive information, such as bank details. This scenario is indicative of smishing, which is a type of phishing conducted through mobile text messages.

Smishing combines SMS and phishing tactics, utilizing text messages to deceive users into providing personal or financial information. The nature of the message—asking for confidential bank details—aligns perfectly with the smishing technique, as attackers typically impersonate legitimate entities to elicit sensitive information from potential victims.

In contrast, other techniques mentioned involve different methods or communication channels. SPIM refers to spam sent through instant messaging platforms, while vishing involves voice phishing over phone calls. Spear phishing is a more targeted form of phishing that typically occurs via email, directed at specific individuals or organizations. These differences highlight the importance of identifying the correct social-engineering technique based on the medium and context of the attack.