A secretary receives an email from the companys Chief Executive Officer (CEO) with a request to pay a vendor immediately. After the payment is made, the CEO tells the secretary that they never sent that email. Which of the following social engineering tactics best describes this type of attack?

An evil twin attack involves creating a fake Wi-Fi network that mimics a legitimate one to intercept data transmitted over it. This tactic does not apply here, as the scenario does not involve a deceptive network but rather a fraudulent email impersonating the CEO, which is unrelated to Wi-Fi security.

Impersonation refers to someone pretending to be another individual to gain unauthorized access or information, but it is a broader term. While the CEO's identity is indeed impersonated in the email, the specific context of targeting a high-level executive for a significant financial action categorizes this incident more accurately as whaling.

Spear phishing is a targeted attempt to steal sensitive information from a specific individual, often using personalized information. However, whaling is a subset of spear phishing that specifically targets senior executives. Since this attack involves the CEO and is aimed at a critical financial action, it is more accurately classified as whaling.