Which term refers to the method of capturing passwords using social engineering?

The term that refers to the method of capturing passwords using social engineering is phishing. Phishing is a cyber attack that uses deceptive tactics to manipulate individuals into divulging sensitive information, such as passwords, credit card numbers, or other personal data. Often, attackers will create a fake scenario, such as an email that appears to come from a legitimate source, to trick the user into entering their credentials on a fraudulent website. This technique relies heavily on human psychology and the trust people have in recognized brands or institutions.

In contrast, the other terms listed do not relate to social engineering in the same way. DDoS (Distributed Denial of Service) refers to a type of attack aimed at overwhelming a server or network with traffic to render a service unavailable, rather than capturing data through deception. Malware infections involve malicious software used to damage, disrupt, or gain unauthorized access to systems but do not specifically target user interaction in the way social engineering does. Data encryption is a security measure employed to protect data by converting it into a coded format, ensuring that unauthorized users cannot easily access the information, rather than a method for capturing it.