What type of attack utilizes deceptive techniques to extract sensitive information from a user?

The type of attack that utilizes deceptive techniques to extract sensitive information from a user is social engineering. Social engineering exploits human psychology rather than technical vulnerabilities to manipulate individuals into divulging confidential or personal information. This can involve tactics such as impersonating a trusted source, creating a sense of urgency, or using emotional appeals to convince a target to share sensitive data, such as passwords or financial details.

In contrast, injection attacks, SQL injection, and cross-site scripting are all technical vulnerabilities that primarily exploit weaknesses in software code or database queries. While these attacks can certainly lead to the compromise of sensitive information, they do so through coding exploits rather than directly manipulating people’s trust or behavior. Thus, social engineering stands out as the method specifically designed around the deception of individuals to gain access to sensitive information.