Phishing: Difference between revisions

From Cognitive Attack Taxonomy
← Older editNewer edit →
Line 25: Line 25:
'''Mechanism:'''  <br>
'''Mechanism:'''  <br>


'''Multipliers:''' Research indicates that using a mobile device can make an individual MORE susceptible to clicking malicious links<ref>Zhuo, S., Biddle, R., Betts, L., Arachchilage, N. A. G., Koh, Y. S., Lottridge, D., & Russello, G. (2023). What You See is Not What You Get: The Role of Email Presentation in Phishing Susceptibility. https://arxiv.org/abs/2304.00664</ref> <br>
'''Multipliers:''' <br>
Distraction: [[Distracted Approach-Distraction]] (CAT-2022-191) users who are distracted or who have their attention directed toward another task or object are more susceptible to phishing attempts.
 
Mobile Device Usage: Research indicates that using a mobile device can make an individual MORE susceptible to clicking malicious links<ref>Zhuo, S., Biddle, R., Betts, L., Arachchilage, N. A. G., Koh, Y. S., Lottridge, D., & Russello, G. (2023). What You See is Not What You Get: The Role of Email Presentation in Phishing Susceptibility. https://arxiv.org/abs/2304.00664</ref> <br>


'''Detailed Description:''' Fraudulent attempt to obtain sensitive information from a target, or convince a target to download malware, by impersonating a trustworthy entity. This is typically carried out using email as the communication medium. <br>
'''Detailed Description:''' Fraudulent attempt to obtain sensitive information from a target, or convince a target to download malware, by impersonating a trustworthy entity. This is typically carried out using email as the communication medium. <br>

Revision as of 02:31, 11 November 2024

Phishing

Short Description: Using email to deceive a target into downloading malware or revealing sensitive information.

CAT ID: CAT-2022-132

Layer: 8

Operational Scale: Tactical

Level of Maturity: Well-Established

Category: TTP

Subcategory:

Also Known As:

Description:

Brief Description:

Closely Related Concepts:

Mechanism:

Multipliers:
Distraction: Distracted Approach-Distraction (CAT-2022-191) users who are distracted or who have their attention directed toward another task or object are more susceptible to phishing attempts.

Mobile Device Usage: Research indicates that using a mobile device can make an individual MORE susceptible to clicking malicious links[1]

Detailed Description: Fraudulent attempt to obtain sensitive information from a target, or convince a target to download malware, by impersonating a trustworthy entity. This is typically carried out using email as the communication medium.

INTERACTIONS [VETs]:

Examples:

Use Case Example(s):

Example(s) From The Wild:

Comments:

References:

  1. Zhuo, S., Biddle, R., Betts, L., Arachchilage, N. A. G., Koh, Y. S., Lottridge, D., & Russello, G. (2023). What You See is Not What You Get: The Role of Email Presentation in Phishing Susceptibility. https://arxiv.org/abs/2304.00664
Retrieved from "https://cognitiveattacktaxonomy.org/index.php?title=Phishing&oldid=478"