A user purchased a new smart home device with embedded software and connected the device to a home network. The user then registered the device with the manufacturer, setting up an account using a personal e$-$mail and password. Which of the following explains how a phishing attack could occur against the user of the smart home device?

The user's account is sent an overwhelming number of messages in an attempt to disrupt service on the user's home network.

A vulnerability in the device's sofware is exploited to gain unauthorized access to other devices on the user's home network.

The user is sent an e$-$mail appearing to be from the manufacturer, asking the user to confrm the account password by clicking on a link in the e$-$mail and entering the password on the resulting page.

A vulnerability in the device's sofware is exploited to install sofware that reveals the user's password to an unauthorized individual.