An attacker configures a fake email sender address to make a message appear as though it is from a trusted contact. The message tricks the recipient into clicking a malicious link. Which type of attack is being executed?

Phishing is characterized by the use of deceptive messages to manipulate recipients into taking harmful actions, such as clicking on links or providing personal information. In this case, the attacker’s configuration of a fake email sender address to impersonate a trusted contact directly aligns with the definition of phishing, making it the correct choice.

A denial-of-service (DoS) attack aims to overwhelm a system or network, rendering it inaccessible to users. This method does not involve deception through emails or social engineering; rather, it focuses on disrupting service availability. Therefore, it does not apply to the situation presented in the question.

A brute-force attack involves systematically trying numerous passwords or encryption keys to gain unauthorized access to a system. This method relies on computational power rather than deception, differing fundamentally from phishing, where the goal is to trick the user into taking action.