Which type of phishing attack uses instant messaging platforms to send spam?

The correct identification of spimming as the type of phishing attack that utilizes instant messaging platforms is rooted in the nature of how these attacks are executed. Spimming specifically refers to the sending of unsolicited messages through instant messaging platforms, which may contain fraudulent links or requests for sensitive information. This form of phishing takes advantage of the real-time communication features of instant messaging to reach unsuspecting victims quickly and often appears more personal or immediate compared to traditional email phishing scams.

The other options are distinct in their tactics and methods. CEO scams typically involve deception where attackers pose as high-ranking officials to manipulate subordinates into transferring funds or sensitive data through emails. Pharming is a more technical approach, redirecting users from legitimate websites to fraudulent ones without their knowledge, primarily focusing on web browser exploits rather than messaging platforms. Puddle phishing is less commonly recognized and doesn’t specifically pertain to instant messaging, making spimming the clear choice for this question.