Which of the following is a common technique used in phishing attacks?

Suspicious links in emails are indeed a hallmark of phishing attacks. Attackers often send emails that appear to be from legitimate organizations, luring recipients to click on these malicious links. Once clicked, these links can lead to fake websites designed to harvest sensitive information, such as usernames, passwords, or credit card details. The links may be disguised to look authentic but actually redirect to sites under the control of the attackers.

The other choices relate to different contexts or methods of social engineering but do not fit the typical phishing motif as well as suspicious links do. For instance, a direct email from a trusted source could sometimes be legitimate, but when it comes to phishing, attackers will impersonate trusted entities. While voice calls from unknown numbers can involve scams or social engineering, they are not as prevalent in phishing as email-based tactics. The use of secure websites would usually indicate a legitimate site, whereas phishing typically involves fraudulent sites that are often not secure.