Escalation Attack: Difference between revisions
Created page with "== '''Escalation Attack ''' == '''Short Description:''' Sending an easily identified phishing email to a user who forwards it to IT support. <br> '''CAT ID:''' CAT-2022-230 <br> '''Layer:''' 8, 9 <br> '''Operational Scale:''' Multiple Scales <br> '''Level of Maturity:''' Proof of Concept <br> '''Category:''' TTP <br> '''Subcategory:''' <br> '''Also Known As:''' <br> == '''Description:''' == '''Brief Description:''' <br> '''Closely Related Concepts:'''..." |
|||
| Line 9: | Line 9: | ||
'''Operational Scale:''' Multiple Scales <br> | '''Operational Scale:''' Multiple Scales <br> | ||
'''Level of Maturity:''' | '''Level of Maturity:''' Theoretical <br> | ||
'''Category:''' TTP <br> | '''Category:''' TTP <br> | ||
Latest revision as of 04:58, 30 July 2024
Escalation Attack
Short Description: Sending an easily identified phishing email to a user who forwards it to IT support.
CAT ID: CAT-2022-230
Layer: 8, 9
Operational Scale: Multiple Scales
Level of Maturity: Theoretical
Category: TTP
Subcategory:
Also Known As:
Description:
Brief Description:
Closely Related Concepts:
Mechanism:
Multipliers:
Detailed Description: Sending an easily identified phishing email to a user who then forwards it to their IT department, who in turn clicks the link to identify where it leads and there by exposes themselves (a user with higher privileges) to the phishing threat. This might also be employed to reach higher levels of management when a direct attack isn't feasible.
INTERACTIONS [VETs]:
Examples:
Use Case Example(s):
Example(s) From The Wild:
