This scenario demonstrates a classic social engineering tactic often referred to as “social media quizzes” or “engagement bait”, commonly used in open-source intelligence gathering (OSINT) and pretexting attacks.
According to CEH v13 Module 01: Introduction to Ethical Hacking and Module 09: Social Engineering, attackers may create seemingly innocent posts that ask users to share answers to common questions such as:
What was your first pet’s name?
What’s your mother’s maiden name?
What city were you born in?
What’s your favorite food?
These questions mirror the types of security questions used by banks and other services for account recovery or authentication. By answering these in public forums or comments, users unknowingly disclose data that can be used to:
Bypass security questions
Reset passwords
Perform targeted account takeovers
Why Other Options Are Incorrect:
B. Matt's bank account login information was brute forced.
Unlikely. Most banks implement account lockout policies and multi-factor authentication that would prevent brute-force attempts.
C. Matt inadvertently provided his password when responding to the post.
Incorrect. Passwords are not usually asked in public-facing posts. Users are unlikely to provide literal passwords unless heavily tricked by phishing.
D. Matt's computer was infected with a keylogger.
Possible but less likely. The context suggests that the only suspicious behavior was responding to the Facebook post, which does not imply that any malware was downloaded or installed.
Reference from CEH v13 Study Guide and Course Material:
CEH v13 Official Module 09 – Social Engineering, Slide: Common Social Engineering Techniques (Quizzes, Pretexting)
CEH Engage – Social Engineering Phase
EC-Council iLabs – Performing Social Engineering Attacks Simulation
CEH v13 Courseware Notes – Reconnaissance Using OSINT and Public Social Platforms