Common Information
| Type | Value |
|---|---|
| Value |
Impersonation - T1656 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may impersonate a trusted person or organization in order to persuade and trick a target into performing some action on their behalf. For example, adversaries may communicate with victims (via [Phishing for Information](https://attack.mitre.org/techniques/T1598), [Phishing](https://attack.mitre.org/techniques/T1566), or [Internal Spearphishing](https://attack.mitre.org/techniques/T1534)) while impersonating a known sender such as an executive, colleague, or third-party vendor. Established trust can then be leveraged to accomplish an adversary’s ultimate goals, possibly against multiple victims. In many cases of business email compromise or email fraud campaigns, adversaries use impersonation to defraud victims -- deceiving them into sending money or divulging information that ultimately enables [Financial Theft](https://attack.mitre.org/techniques/T1657). Adversaries will often also use social engineering techniques such as manipulative and persuasive language in email subject lines and body text such as `payment`, `request`, or `urgent` to push the victim to act quickly before malicious activity is detected. These campaigns are often specifically targeted against people who, due to job roles and/or accesses, can carry out the adversary’s goal. Impersonation is typically preceded by reconnaissance techniques such as [Gather Victim Identity Information](https://attack.mitre.org/techniques/T1589) and [Gather Victim Org Information](https://attack.mitre.org/techniques/T1591) as well as acquiring infrastructure such as email domains (i.e. [Domains](https://attack.mitre.org/techniques/T1583/001)) to substantiate their false identity.(Citation: CrowdStrike-BEC) There is the potential for multiple victims in campaigns involving impersonation. For example, an adversary may [Compromise Accounts](https://attack.mitre.org/techniques/T1586) targeting one organization which can then be used to support impersonation against other entities.(Citation: VEC) |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2024-11-16 | 3 | What Does Google’s Cybersecurity Forecast for 2025 Reveal? | ||
| Details | Website | 2024-11-16 | 0 | Cybersecurity 2024: Emerging Trends and Challenging Threats to Look Out for | ||
| Details | Website | 2024-11-16 | 14 | Building an Integrated Threat Intelligence Platform Using Python and Kibana | ||
| Details | Website | 2024-11-16 | 12 | Why Traditional Phishing Trainings fail and How Firewalls Fill the Gap | ||
| Details | Website | 2024-11-15 | 0 | Cybercrime as an industry: examining the organisational structure of Chinese cybercrime | #cybercrime | #infosec | National Cyber Security Consulting | ||
| Details | Website | 2024-11-15 | 0 | 60 Hours of Cyber Defense: Hong Kong’s Innovative Cybersecurity Drill Begins | ||
| Details | Website | 2024-11-15 | 5 | The Good, the Bad and the Ugly in Cybersecurity - Week 46 | ||
| Details | Website | 2024-11-15 | 1 | FTC reports 50% drop in unwanted call complaints since 2021 | ||
| Details | Website | 2024-11-14 | 0 | Why that Google Meet error might be a sneaky hacker trick | Proofpoint US | ||
| Details | Website | 2024-11-14 | 3 | FakeBat Loader is Back With New Tactics and Payload – | ||
| Details | Website | 2024-11-14 | 2 | Google’s Cybersecurity Forecast 2025 (Key Insights and Trends for the Year Ahead) | ||
| Details | Website | 2024-11-14 | 0 | Overcoming Kubernetes Log Challenges in Detection | Wiz Blog | ||
| Details | Website | 2024-11-14 | 0 | Penetration Testing: Strengthening Your Cyber Defenses by Identifying Vulnerabilities | ||
| Details | Website | 2024-11-14 | 24 | Major cyber attacks and data breaches of 2024 | ||
| Details | Website | 2024-11-14 | 3 | Germany's Cyber Threat Landscape Grows Resilient Under Fire | ||
| Details | Website | 2024-11-14 | 0 | A new way we’re helping others track frauds and scams online | ||
| Details | Website | 2024-11-13 | 0 | The Hidden Reason Why You Need to Install the Burp Certificate First | ||
| Details | Website | 2024-11-13 | 0 | Impersonation attacks possible with novel Microsoft Bookings bug | ||
| Details | Website | 2024-11-13 | 0 | Warning: Online shopping threats to avoid this Black Friday and Cyber Monday | ||
| Details | Website | 2024-11-13 | 0 | Warning: Online shopping threats to avoid this Black Friday and Cyber Monday | Malwarebytes | ||
| Details | Website | 2024-11-13 | 0 | How Global Cybercrime Rings Are Scamming Millions Daily — And What You Can Do To Protect Yourself | #cybercrime | #infosec | National Cyber Security Consulting | ||
| Details | Website | 2024-11-13 | 0 | New Police Measures Aim to Curb Scam Losses in Singapore | ||
| Details | Website | 2024-11-12 | 1 | MOVEit Data Leak Exposes Employee Data of Amazon, HSBC & More – What You Need to Know - SOCRadar® Cyber Intelligence Inc. | ||
| Details | Website | 2024-11-12 | 0 | Topic: The Devil Side of the Online World: Understanding the Cyber Harassment | ||
| Details | Website | 2024-11-12 | 2 | MOVEit Data Leak Exposes Employee Data of Amazon, HSBC & More – What You Need to Know |