When a hacker sends a legitimate-looking email with malicious links to steal private information, what attack is being performed?

Phishing is a type of cyber attack where an attacker impersonates a legitimate organization or individual through seemingly legitimate emails or messages in order to deceive recipients into revealing sensitive information, such as usernames, passwords, or credit card details. The main goal of phishing attacks is to exploit the trust of the target, often by creating a sense of urgency or legitimate concern.

In this scenario, the hacker sends an email that looks authentic, containing links that lead to fraudulent sites designed to capture the victim's private information. This method relies heavily on social engineering techniques, making the recipient believe they are interacting with a credible source.

While identity fraud relates to the use of stolen information to impersonate someone else, and whaling targets high-profile individuals with more personalized attacks, phishing encompasses all variations of deceitful email techniques aimed at stealing data. Mail bombing, on the other hand, refers to overwhelming a target's email inbox with a flood of messages, which does not involve data theft or deception for information extraction.