Which of the following describes a phishing attack?

Study for the Risks and Controls Exam 2. Prepare with in-depth questions and explore detailed explanations to ensure a comprehensive understanding. Excel in your exam with confidence!

A phishing attack is characterized by its goal of stealing sensitive information, such as usernames, passwords, or financial details, by using deceptive emails or messages. In these attacks, a malicious individual often pretends to be a legitimate entity, such as a bank or a well-known company, to trick the recipient into clicking a link or providing personal information. The messages typically contain a sense of urgency or alarm to prompt immediate action, which exploits the emotional response of the recipient.

The other options describe different types of cyber threats. Malware, for example, refers to various malicious software programs that can cause damage or unauthorized actions on a computer, but it does not specifically relate to the tactics of deception used in phishing. Exploits that target system vulnerabilities are attacks that take advantage of weaknesses in software or hardware, not necessarily relying on deceptive communication. Lastly, a coordinated attack aimed at bringing down a system refers to strategies like Distributed Denial of Service (DDoS) attacks, which overwhelm a target with traffic rather than attempting to trick individuals into revealing sensitive information.
