[Sаm] Sаrаh receives an email that appears tо be frоm her bank, asking her tо verify her account information and telling her that her account will be suspended if she doesn’t. Unfortunately, the link in the email goes to a copycat website that steals her credentials. Sam, on the other hand, is using his phone to purchase concert tickets while sitting in Turlington Plaza. He believes that he is connected to UF’s Eduroam wifi network, but instead allows an unsecured connection to Edurome which happens to be an access point set up by a hacker also sitting in the plaza. All of his data (unencrypted) are sniffed by the hacker. In this scenario, what two types of security exploits are Sarah and Sam, respectively, falling for?