Why would a threat actor use the Social-Engineering Toolkit (SET)?
- to send a spear phishing email
- to spoof a phone number
- to manipulate users by leveraging XSS vulnerabilities
- to practice social engineering elicitation, interrogation, and pretexting skills
|
Explanation & Hint: The Social-Engineer Toolkit (SET) is a tool that can be used to launch numerous social engineering attacks and can be integrated with third-party tools and frameworks such as Metasploit. SET can be used to create spear phishing emails easily. |