Common Information
| Type | Value |
|---|---|
| Value |
Phishing - T1566 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may send phishing messages to gain access to victim systems. All forms of phishing are electronically delivered social engineering. Phishing can be targeted, known as spearphishing. In spearphishing, a specific individual, company, or industry will be targeted by the adversary. More generally, adversaries can conduct non-targeted phishing, such as in mass malware spam campaigns. Adversaries may send victims emails containing malicious attachments or links, typically to execute malicious code on victim systems. Phishing may also be conducted via third-party services, like social media platforms. Phishing may also involve social engineering techniques, such as posing as a trusted source, as well as evasive techniques such as removing or manipulating emails or metadata/headers from compromised accounts being abused to send messages (e.g., [Email Hiding Rules](https://attack.mitre.org/techniques/T1564/008)).(Citation: Microsoft OAuth Spam 2022)(Citation: Palo Alto Unit 42 VBA Infostealer 2014) Another way to accomplish this is by forging or spoofing(Citation: Proofpoint-spoof) the identity of the sender which can be used to fool both the human recipient as well as automated security tools.(Citation: cyberproof-double-bounce) Victims may also receive phishing messages that instruct them to call a phone number where they are directed to visit a malicious URL, download malware,(Citation: sygnia Luna Month)(Citation: CISA Remote Monitoring and Management Software) or install adversary-accessible remote management tools onto their computer (i.e., [User Execution](https://attack.mitre.org/techniques/T1204)).(Citation: Unit42 Luna Moth) |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2028-10-24 | 0 | MIT Technology Review Insights Survey on Zero Trust in Cybersecurity | ||
| Details | Website | 2024-12-30 | 27 | Interlab 인터랩 | Cyber Threat Report: RambleOn Android Malware | ||
| Details | Website | 2024-12-19 | 17 | Silent Push uncovers a large Russian Ursnif/Gozi banking trojan operation targeting global AnyDesk users. — Silent Push Threat Intelligence | ||
| Details | Website | 2024-11-22 | 6 | Black Friday e-commerce scam: Comprehensive analysis of PayPal attack vectors. — Silent Push Threat Intelligence | ||
| Details | Website | 2024-11-17 | 0 | Phishing emails increasingly use SVG attachments to evade detection | ||
| Details | Website | 2024-11-17 | 0 | "Navigating the future of digital security: How evolving threats, advanced AI, and new protection… | ||
| Details | Website | 2024-11-17 | 0 | Don’t Hold Down The Ctrl Key Warning As New 2SP Cyber Attacks Emerge | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting | ||
| Details | Website | 2024-11-17 | 1 | Compare Easy-to-use VPN Services | ||
| Details | Website | 2024-11-17 | 0 | From Detection to Response: The Power of XDR in Cybersecurity | ||
| Details | Website | 2024-11-17 | 2 | Malware and Cache | ||
| Details | Website | 2024-11-17 | 0 | Embracing cybersecurity in pop culture from fiction to reality - London Business News | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting | ||
| Details | Website | 2024-11-17 | 0 | Bank fraud is rampant. Your data could be anywhere. Here’s how to protect yourself. | ||
| Details | Website | 2024-11-17 | 0 | The Security illusion: Why Two-Factor Authentication is No Longer Enough | ||
| Details | Website | 2024-11-17 | 0 | Ontology and Taxonomy in Cybersecurity | ||
| Details | Website | 2024-11-17 | 1 | Is Nordvpn Safe To Install? — Comprehensive Guide And FAQs | ||
| Details | Website | 2024-11-17 | 0 | Cybersecurity Myths Busted: What You Need to Know to Stay Safe | ||
| Details | Website | 2024-11-17 | 0 | AI’s Game-Changing Impact on Mobile Security | ||
| Details | Website | 2024-11-17 | 0 | Debunking Cybersecurity Myths | ||
| Details | Website | 2024-11-17 | 0 | Black Friday and Cyber Monday: A Hotspot for Cyber Crime | #cybercrime | #infosec | National Cyber Security Consulting | ||
| Details | Website | 2024-11-17 | 0 | 🚨 Vietnamese Hackers Unleash PXA Stealer: Targeting Sensitive Data Across Europe and Asia 🌍🔓 | ||
| Details | Website | 2024-11-17 | 1 | Best Price On Top-rated VPN | ||
| Details | Website | 2024-11-17 | 0 | T-Mobile Hack Linked To Chinese State Sponsored Hackers | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting | ||
| Details | Website | 2024-11-17 | 0 | ChatGPT Security Risks for Business: The Essential Checklist for Protection | ||
| Details | Website | 2024-11-17 | 3 | LetsDefend SOC Walkthrough | SOC145 — Ransomware Detected | ||
| Details | Website | 2024-11-17 | 2 | Phishing emails increasingly use SVG attachments to evade detection |