Which of the following is a common type of network attack?

Phishing is a common type of network attack primarily because it exploits human psychology rather than technical vulnerabilities within systems or networks. In phishing attacks, an attacker impersonates a trustworthy entity to deceive individuals into providing sensitive information, such as passwords, credit card numbers, or personal identification details. This form of attack often involves sending fraudulent emails or messages that appear legitimate, directing users to fake websites that resemble real ones.

The success of phishing largely depends on the attackers’ ability to create convincing communications and the recipients' susceptibility to these tactics. Increasingly sophisticated phishing techniques, such as spear phishing—where specific individuals are targeted—further amplify this threat, making it a pervasive issue in cybersecurity.

While other options like cross-site scripting, data manipulation, or buffer overflow represent significant attacks too, they are generally more technical in nature and usually involve exploiting specific vulnerabilities in software or infrastructure rather than directly preying on user behavior and trust. Therefore, phishing stands out as a distinct and frequently encountered type of network attack in the landscape of cybersecurity threats.