Which characteristic is typically associated with a phishing attack?

Phishing attacks are primarily characterized by their attempt to deceive individuals into divulging sensitive information such as usernames, passwords, credit card numbers, or other personal data. This deception often takes place through emails, messages, or fake websites that closely mimic legitimate entities. Attackers create a sense of urgency or ask users to confirm their credentials to exploit trust and gather personal information.

Each of the other choices represents different types of malicious activities, but they do not align with the core characteristic of phishing. Encrypting data for ransom is a hallmark of ransomware, while spreading malware pertains to viruses or worms that typically infiltrate systems, and overloading a server with requests describes a denial-of-service (DoS) attack. Phishing specifically targets the individual’s action to expose personal information rather than installing software or causing service disruption, making the accurate choice distinct in the realm of cybersecurity threats.