Common Information
Type Value
Value
Phishing - T1660
Category Attack-Pattern
Type Mitre-Attack-Pattern
Misp Type Cluster
Description Adversaries may send malicious content to users in order to gain access to their mobile devices. All forms of phishing are electronically delivered social engineering. Adversaries can conduct both non-targeted phishing, such as in mass malware spam campaigns, as well as more targeted phishing tailored for a specific individual, company, or industry, known as “spearphishing”. Phishing often involves social engineering techniques, such as posing as a trusted source, as well as evasion techniques, such as removing or manipulating emails or metadata/headers from compromised accounts being abused to send messages. Mobile phishing may take various forms. For example, adversaries may send emails containing malicious attachments or links, typically to deliver and then execute malicious code on victim devices. Phishing may also be conducted via third-party services, like social media platforms. Mobile devices are a particularly attractive target for adversaries executing phishing campaigns. Due to their smaller form factor than traditional desktop endpoints, users may not be able to notice minor differences between genuine and phishing websites. Further, mobile devices have additional sensors and radios that allow adversaries to execute phishing attempts over several different vectors, such as: - SMS messages: Adversaries may send SMS messages (known as “smishing”) from compromised devices to potential targets to convince the target to, for example, install malware, navigate to a specific website, or enable certain insecure configurations on their device. - Quick Response (QR) Codes: Adversaries may use QR codes (known as “quishing”) to redirect users to a phishing website. For example, an adversary could replace a legitimate public QR Code with one that leads to a different destination, such as a phishing website. A malicious QR code could also be delivered via other means, such as SMS or email. In the latter case, an adversary could utilize a malicious QR code in an email to pivot from the user’s desktop computer to their mobile device. - Phone Calls: Adversaries may call victims (known as “vishing”) to persuade them to perform an action, such as providing login credentials or navigating to a malicious website. This could also be used as a technique to perform the initial access on a mobile device, but then pivot to a computer/other network by having the victim perform an action on a desktop computer.
Details Published Attributes CTI Title
Details Website 2030-03-02 20 APT QUARTERLY HIGHLIGHTS - Q3 : 2023 - CYFIRMA
Details Website 2028-10-24 0 MIT Technology Review Insights Survey on Zero Trust in Cybersecurity
Details Website 2025-12-17 17 Stories from the SOC: Caught in the Trap: Detecting and…
Details Website 2025-09-05 0 New LevelBlue Threat Trends Report gives critical insights…
Details Website 2025-09-01 0 How ThreatConnect and Polarity Empower Teams to Combat Phishing Threats | ThreatConnect
Details Website 2025-08-01 0
Details Website 2025-03-08 13 Phishing via
Details Website 2025-02-12 9 Sandworm APT Attacks Detection: russian State-Sponsored Hackers Deploy Malicious Windows KMS Activators to Target Ukraine - SOC Prime
Details Website 2025-02-12 0 A 5 step attack process that crypto projects should defend against
Details Website 2025-02-12 5 Stolen Information Used in Personalized Immigration-Themed Attack
Details Website 2025-02-12 0 2024 Breaches Unmasked (Part 5): Inadequate Network Segmentation
Details Website 2025-02-12 0 2024 Breaches Unmasked (Part 4): Lack of Incident Response Planning
Details Website 2025-02-12 0 Hackers Manipulate Users Into Running PowerShell as Admin to Exploit Windows
Details Website 2025-02-12 0 2024 Cybersecurity Retrospective: Lessons Learned for 2025 and Beyond
Details Website 2025-02-12 0 The Role of a Network Management Consultant for OEMs and Dealers
Details Website 2025-02-12 4 How to Track Advanced Persistent Threats
Details Website 2025-02-12 2 I Used a Sandbox to Strengthen Bank’s Security — Here’s How It Worked
Details Website 2025-02-12 4 How to Track Advanced Persistent Threats - ANY.RUN's Cybersecurity Blog
Details Website 2025-02-12 0 The Unfolding Mystery of Ransomware: A Journey Through Defense and Recovery
Details Website 2025-02-12 0 I was hacked
Details Website 2025-02-12 0 Top 5 Cybersecurity Risks Businesses Face (and How Pentesting Can Help)
Details Website 2025-02-12 4 Insider Threats: Why Employees Are a Top Cybersecurity Risk
Details Website 2025-02-12 0 West London Council Faces 20,000 Cyberattack Attempts Every Day Amid Growing Threats
Details Website 2025-02-12 0 0.31 BTC Promo Code STICKS Scam – How to Avoid?
Details Website 2025-02-12 1 How AI is Enhancing Cybersecurity: Protecting Against Emerging Threats