Which of the following best describes a phishing attack?

Phishing attacks are primarily characterized as techniques intended to acquire sensitive information from individuals, such as usernames, passwords, or credit card numbers, often by disguising as a trustworthy entity in electronic communications. In a typical phishing scenario, attackers send out emails or messages that appear to be from legitimate sources, prompting the victim to click on a link or provide personal information under false pretenses. This method exploits human psychology, taking advantage of trust to deceive individuals into disclosing their confidential data.

While other choices mention concepts relevant to cybersecurity, they do not define what phishing is. For instance, evading firewall detection pertains more to methods used by attackers to bypass security measures rather than capturing user data. The mention of malware that encrypts files refers to ransomware, which is a different kind of threat. Lastly, network segmentation is a strategy for improving security but does not relate to the act of stealing personal information like phishing does. Understanding what phishing entails is crucial for recognizing threats and implementing preventative measures in cybersecurity settings.