TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

F5 Labs

What Is Phishing? How to Recognize and Avoid It

2020-11-09 · Read original ↗

ATT&CK techniques detected

23 predictions
T1566.002Spearphishing Link
98%
“. - hover over embedded links ( without clicking ) to reveal the actual url and compare it the link that ’ s shown. - never click embedded links, even if you think they ’ re trustworthy. instead, use your browser to search for the correct url. - never open attachments of any kind…”
T1566.002Spearphishing Link
93%
“accounts in their name, or run up credit card charges. in some cases, the attacker ’ s ultimate goal is to take over a victim ’ s device using malware or to gain access ( through the victim ) to other valuable resources, such as an enterprise ’ s networks, systems, data, or intel…”
T1566.002Spearphishing Link
92%
“such as the victim ’ s bank or credit card company. when the victim unknowingly visits the fake site ( users often don ’ t notice the fake url ), the attacker captures the victim ’ s credentials and then logs into the legitimate site to steal their money or make large purchases. …”
T1566.002Spearphishing Link
92%
“. victims who unknowingly visit a fake website still have a chance to escape if they become suspicious of the url or the information being requested and abandon the site before supplying any information. why phishing works phishing is an easy trap for anyone to fall into for one …”
T1566.002Spearphishing Link
92%
“step 3 : bait the hook once the attacker captures the victim ’ s attention with a convincing lure, all that ’ s left is to provide a hook for the victim to bite ; the two most common are malicious attachments and embedded links. malicious attachments when opened, a malicious atta…”
T1566.002Spearphishing Link
89%
“and how to recognize and respond to phishing across all delivery mechanisms ( email, text, im, social networking, and malvertising ). - deploy multifactor authentication ( mfa ) to prevent credentials that have been compromised in phishing attacks from being used by attackers to …”
T1598.003Spearphishing Link
79%
“s most sensitive data. step 2 : create the phishing lure phishing only works if an attacker can successfully trick a would - be victim into taking action, so impersonation is the common denominator across all types of phishing. the attacker masquerades as an individual or entity …”
T1566Phishing
76%
“accounts in their name, or run up credit card charges. in some cases, the attacker ’ s ultimate goal is to take over a victim ’ s device using malware or to gain access ( through the victim ) to other valuable resources, such as an enterprise ’ s networks, systems, data, or intel…”
T1598.003Spearphishing Link
75%
“such as the victim ’ s bank or credit card company. when the victim unknowingly visits the fake site ( users often don ’ t notice the fake url ), the attacker captures the victim ’ s credentials and then logs into the legitimate site to steal their money or make large purchases. …”
T1566.002Spearphishing Link
69%
“of urgency : “ your account is 90 days past due and has been turned over to a collection agency. to avoid immediate legal action, click here … ” - offering help to solve a problem : “ your account has been locked ; click here to update your information and unlock your account. ” …”
T1566.002Spearphishing Link
62%
“s most sensitive data. step 2 : create the phishing lure phishing only works if an attacker can successfully trick a would - be victim into taking action, so impersonation is the common denominator across all types of phishing. the attacker masquerades as an individual or entity …”
T1566Phishing
58%
“what is phishing? how to recognize and avoid it impersonation is the common denominator across all types of phishing. simply asking a victim to provide their password is one of the most successful social engineering techniques. introduction as stories of electronic fraud fill the…”
T1598Phishing for Information
47%
“##criminals continually adapt their methods to changing trends ( this was evident with the covid - 19 pandemic ), the process is fairly predictable. attackers choose their targets, craft a convincing lure, bait the hook, and then reel in victims. ( not surprisingly, the term “ ph…”
T1566.002Spearphishing Link
46%
“##criminals continually adapt their methods to changing trends ( this was evident with the covid - 19 pandemic ), the process is fairly predictable. attackers choose their targets, craft a convincing lure, bait the hook, and then reel in victims. ( not surprisingly, the term “ ph…”
T1566Phishing
39%
“of urgency : “ your account is 90 days past due and has been turned over to a collection agency. to avoid immediate legal action, click here … ” - offering help to solve a problem : “ your account has been locked ; click here to update your information and unlock your account. ” …”
T1566.003Spearphishing via Service
39%
“s most sensitive data. step 2 : create the phishing lure phishing only works if an attacker can successfully trick a would - be victim into taking action, so impersonation is the common denominator across all types of phishing. the attacker masquerades as an individual or entity …”
T1566.002Spearphishing Link
38%
“what is phishing? how to recognize and avoid it impersonation is the common denominator across all types of phishing. simply asking a victim to provide their password is one of the most successful social engineering techniques. introduction as stories of electronic fraud fill the…”
T1566Phishing
38%
“##criminals continually adapt their methods to changing trends ( this was evident with the covid - 19 pandemic ), the process is fairly predictable. attackers choose their targets, craft a convincing lure, bait the hook, and then reel in victims. ( not surprisingly, the term “ ph…”
T1598Phishing for Information
37%
“accounts in their name, or run up credit card charges. in some cases, the attacker ’ s ultimate goal is to take over a victim ’ s device using malware or to gain access ( through the victim ) to other valuable resources, such as an enterprise ’ s networks, systems, data, or intel…”
T1598.002Spearphishing Attachment
35%
“s most sensitive data. step 2 : create the phishing lure phishing only works if an attacker can successfully trick a would - be victim into taking action, so impersonation is the common denominator across all types of phishing. the attacker masquerades as an individual or entity …”
T1566Phishing
33%
“and how to recognize and respond to phishing across all delivery mechanisms ( email, text, im, social networking, and malvertising ). - deploy multifactor authentication ( mfa ) to prevent credentials that have been compromised in phishing attacks from being used by attackers to …”
T1598Phishing for Information
31%
“s most sensitive data. step 2 : create the phishing lure phishing only works if an attacker can successfully trick a would - be victim into taking action, so impersonation is the common denominator across all types of phishing. the attacker masquerades as an individual or entity …”
T1598.003Spearphishing Link
30%
“accounts in their name, or run up credit card charges. in some cases, the attacker ’ s ultimate goal is to take over a victim ’ s device using malware or to gain access ( through the victim ) to other valuable resources, such as an enterprise ’ s networks, systems, data, or intel…”

Summary

"What is phishing" is still a relevant question we're answering as the attack type and techniques evolve, victimizing even the most tech-savvy users.