What type of threat is this?

Someone from a large tech company calls you on behalf of your company to check the health of your PC, and therefore needs your user-id and password.

What type of threat is this?
A . Social engineering threat
B . Organisational threat
C . Technical threat
D . Malware threat

Answer: A

Explanation:

The type of threat that occurs when someone from a large tech company calls you on behalf of your company to check the health of your PC, and therefore needs your user-id and password, is a social engineering threat. Social engineering is a technique that manipulates people into revealing confidential or sensitive information, such as passwords, personal data, bank details, etc., by impersonating someone trustworthy or authoritative, such as an IT support staff, a manager, a colleague, etc. Social engineering can be done through various channels, such as phone calls, emails, text messages, etc., and can exploit human emotions, such as curiosity, fear, greed or sympathy. Social engineering is often used by hackers or cybercriminals to gain unauthorized access to information systems or networks, or to perform malicious or fraudulent activities.

Reference: [CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course], ISO/IEC 27001:2022 Information technology ― Security techniques ― Information security management systems ― Requirements, What is Social Engineering?