Which of the following techniques is commonly used in social engineering attacks?

Phishing is a technique that is widely recognized as a form of social engineering attack. It involves deceiving individuals into revealing sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in electronic communications. Often conducted via email, phishing relies on psychological manipulation, playing on the target's emotions or trust to elicit a response that benefits the attacker.

The effectiveness of phishing lies in its ability to exploit human psychology rather than technical vulnerabilities. Attackers often create fake websites that closely resemble legitimate ones or craft emails that appear to come from reputable sources. By doing so, they increase the likelihood that users will divulge their personal information without realizing they are being deceived.

In contrast, packet sniffing, firewall configuration, and data encryption are technical concepts related to network security. Packet sniffing refers to intercepting and analyzing data packets traveling through a network, which does not involve manipulating individuals. Firewall configuration involves setting up rules to control the flow of network traffic and protect systems from unauthorized access, whereas data encryption is a method of securing information by encoding it. None of these techniques apply the psychological manipulation intrinsic to social engineering, thus distinguishing phishing as the correct answer.