Which network threat involves deceptive emails aimed at obtaining sensitive information?

The accurate choice is phishing, which is a type of network threat where attackers send deceptive emails that appear to be from legitimate sources, aiming to trick individuals into providing sensitive information such as usernames, passwords, or financial details. This method typically exploits social engineering techniques, manipulating recipients' trust to elicit a response, often directing them to fraudulent websites designed to mirror legitimate ones.

Phishing is particularly dangerous because it capitalizes on human psychology rather than exploiting vulnerabilities in software or hardware directly. The deceptive nature of the emails makes it hard for many users to recognize the threat, especially when the messages seem credible and urgent.

In comparison, other options involve different kinds of threats. For instance, malware is a broad category that includes various malicious software types designed to cause damage or gain unauthorized access. Ransomware specifically encrypts a victim's data, demanding payment for decryption, while a data breach refers to the unauthorized access and retrieval of sensitive information, which can occur due to various vulnerabilities and not necessarily through deceptive communication. Understanding phishing in this context emphasizes the importance of awareness and training in recognizing suspicious emails to enhance security.