Which description best fits a cybersquatting cloud computing attack?

• A. The attacker floods services to disrupt cloud provider.
• B. The hacker uses phishing scams by making a domain name that is almost the same as the cloud service provider.
• C. The attacker exploits API tokens to access cloud resources.
• D. The attacker redirects traffic by tampering with DNS records.

Answer: (B)

Cybersquatting in cloud contexts centers on registering domain names that are almost identical to a legitimate cloud provider’s address to trick users. The attacker uses that near-match domain to run phishing campaigns, steering victims to a counterfeit login page or portal where credentials or other sensitive info can be harvested. This fits cybersquatting best because the goal is deception through brand impersonation, not overloading services, stealing API tokens through direct access, or altering DNS records to redirect traffic. The other described actions correspond to DoS, token theft via API access, or DNS hijacking, which are different attack vectors.