Which of the following should the technician do to validate the authenticity of the email?

A help desk technician receives an email from the Chief Information Officer (C/O) asking for documents. The technician knows the CIO is on vacation for a few weeks.

Which of the following should the technician do to validate the authenticity of the email?
A . Check the metadata in the email header of the received path in reverse order to follow the email’s path.
B. Hover the mouse over the CIO’s email address to verify the email address.
C. Look at the metadata in the email header and verify the "From." line matches the CIO’s email address.
D. Forward the email to the CIO and ask if the CIO sent the email requesting the documents.

View Answer

Answer: B

Explanation:

The “From” line in the email header can be easily spoofed or manipulated by an attacker to make it look like the email is coming from the CIO’s email address. However, this does not mean that the email address is actually valid or that the email is actually sent by the CIO. A better way to check the email address is to hover over it and see if it matches the CIO’s email address exactly. This can help to spot any discrepancies or typos that might indicate a phishing attempt. For example, if the CIO’s email address is [email protected], but when you hover over it, it shows [email protected], then you know that the email is not authentic and likely a phishing attempt.