Common Information
Type | Value |
---|---|
Value |
Email Addresses - T1589.002 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may gather email addresses that can be used during targeting. Even if internal instances exist, organizations may have public-facing email infrastructure and addresses for employees. Adversaries may easily gather email addresses, since they may be readily available and exposed via online or other accessible data sets (ex: [Social Media](https://attack.mitre.org/techniques/T1593/001) or [Search Victim-Owned Websites](https://attack.mitre.org/techniques/T1594)).(Citation: HackersArise Email)(Citation: CNET Leaks) Email addresses could also be enumerated via more active means (i.e. [Active Scanning](https://attack.mitre.org/techniques/T1595)), such as probing and analyzing responses from authentication services that may reveal valid usernames in a system.(Citation: GrimBlog UsernameEnum) For example, adversaries may be able to enumerate email addresses in Office 365 environments by querying a variety of publicly available API endpoints, such as autodiscover and GetCredentialType.(Citation: GitHub Office 365 User Enumeration)(Citation: Azure Active Directory Reconnaisance) Gathering this information may reveal opportunities for other forms of reconnaissance (ex: [Search Open Websites/Domains](https://attack.mitre.org/techniques/T1593) or [Phishing for Information](https://attack.mitre.org/techniques/T1598)), establishing operational resources (ex: [Email Accounts](https://attack.mitre.org/techniques/T1586/002)), and/or initial access (ex: [Phishing](https://attack.mitre.org/techniques/T1566) or [Brute Force](https://attack.mitre.org/techniques/T1110) via [External Remote Services](https://attack.mitre.org/techniques/T1133)). |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2025-11-07 | 1 | Vault7 - Home | ||
Details | Website | 2024-12-30 | 27 | Interlab 인터랩 | Cyber Threat Report: RambleOn Android Malware | ||
Details | Website | 2024-11-17 | 0 | From Forest Trails to Digital Investigations: My Journey with TraceLabs | ||
Details | Website | 2024-11-16 | 0 | How Hackers Turn Your Information into a Weapon | ||
Details | Website | 2024-11-16 | 0 | How I Escalated a Simple JWT from Archives to ATO! | ||
Details | Website | 2024-11-16 | 2 | Reoon Email: Cutting-edge Verification Tools | ||
Details | Website | 2024-11-16 | 0 | "We're stopping zero days before they're even used" — Security pros tell us how they are infiltrating cybercriminal networks and striking back from within | #cybercrime | #infosec | National Cyber Security Consulting | ||
Details | Website | 2024-11-15 | 2 | Phishing Emails: How to Spot Them and Stay Safe | ||
Details | Website | 2024-11-15 | 0 | Data Tracking on the Dark Web: Leveraging Threat Intelligence for Insights - SOCRadar® Cyber Intelligence Inc. | ||
Details | Website | 2024-11-15 | 1 | How To Authenticate Email? | ||
Details | Website | 2024-11-15 | 2 | Fresh Phish: Harvesting Your Credentials Using Controversial Telegram Bots | ||
Details | Website | 2024-11-15 | 0 | How Hackers Turn Your Information into a Weapon | ||
Details | Website | 2024-11-15 | 2 | Data Tracking on the Dark Web: Leveraging Threat Intelligence for Insights | ||
Details | Website | 2024-11-15 | 1 | OWASP Top 10 for LLMs: Protecting GenAI with AiFort | ||
Details | Website | 2024-11-15 | 81 | eJPT v2 Cert : Overview & Practice Labs | ||
Details | Website | 2024-11-15 | 0 | Understanding MFA Bypass Techniques and Staying Secure | ||
Details | Website | 2024-11-14 | 0 | Norton 360 for Gamers 2024 Review: Unleash Your Gaming | ||
Details | Website | 2024-11-14 | 3 | 122 million people’s business contact info leaked by data broker | ||
Details | Website | 2024-11-14 | 3 | 122 million people's business contact info leaked by data broker | Malwarebytes | ||
Details | Website | 2024-11-14 | 13 | A Comprehensive Malware Analysis: Deobfuscating and Analyzing a Captive ReCAPTCHA Attack | ||
Details | Website | 2024-11-14 | 0 | Transak hit by data breach, 92K users exposed! | ||
Details | Website | 2024-11-14 | 72 | Weekly Intelligence Report - 15 Nov 2024 | #ransomware | #cybercrime | National Cyber Security Consulting | ||
Details | Website | 2024-11-14 | 78 | Advanced Search Engines For Hackers | ||
Details | Website | 2024-11-14 | 0 | Build Your Own Application-Layer Encryption? | ||
Details | Website | 2024-11-14 | 1 | Microsoft Power Pages Misconfiguration Leads to Data Exposure |