A company notices an unusual number of failed login attempts coming from a single IP address. The security team confirms that the attacker is using automated scripts to guess employee passwords. Which type of attack is being attempted?

Spoofing attacks involve impersonating another device or user to gain unauthorized access to a system or information. This type of attack focuses on deception rather than attempting to guess passwords. Since the scenario describes an attack specifically targeting password guessing, spoofing does not apply here.

SQL injection attacks occur when an attacker inserts or "injects" malicious SQL queries into input fields to manipulate a database. This technique is aimed at exploiting vulnerabilities in web applications, not at guessing passwords. The context of login attempts does not align with SQL injection methods.

Phishing attacks aim to trick individuals into providing sensitive information, such as passwords, by masquerading as a trustworthy entity. This method typically involves social engineering rather than automated attempts to guess passwords. The scenario does not describe any deceptive communication, thus ruling out phishing.