No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
Attackers may use phishing tactics to trick individuals into revealing sensitive information that can be used to identify potential targets. This type of phishing, known as "phishing for information," is different from traditional phishing where the goal is to execute malicious code. Phishing for information can take the form of targeted spearphishing, where specific individuals, companies or industries are targeted, or non-targeted phishing, such as in mass credential harvesting campaigns. Adversaries may also try to obtain information through email, instant messaging, or other electronic means. This may involve using social engineering techniques, such as pretending to be a legitimate source, sending urgent messages, and trying to gain access to accounts through compromised credentials. | Attackers may use phishing tactics to trick individuals into revealing sensitive information that can be used to identify potential targets. This type of phishing, known as "phishing for information," is different from traditional [[:Category:Phishing|phishing]] where the goal is to execute malicious code. Phishing for information can take the form of targeted spearphishing, where specific individuals, companies or industries are targeted, or non-targeted phishing, such as in mass credential harvesting campaigns. Adversaries may also try to obtain information through email, instant messaging, or other electronic means. This may involve using social engineering techniques, such as pretending to be a legitimate source, sending urgent messages, and trying to gain access to accounts through compromised credentials. | ||
[[File:Spearphish.png|left|thumb]] | [[File:Spearphish.png|left|thumb]] | ||
[[category:Reconnaissance]] | [[category:Reconnaissance]] |
Latest revision as of 16:49, 26 January 2023
Attackers may use phishing tactics to trick individuals into revealing sensitive information that can be used to identify potential targets. This type of phishing, known as "phishing for information," is different from traditional phishing where the goal is to execute malicious code. Phishing for information can take the form of targeted spearphishing, where specific individuals, companies or industries are targeted, or non-targeted phishing, such as in mass credential harvesting campaigns. Adversaries may also try to obtain information through email, instant messaging, or other electronic means. This may involve using social engineering techniques, such as pretending to be a legitimate source, sending urgent messages, and trying to gain access to accounts through compromised credentials.
Pages in category "Phishing for Information"
The following 3 pages are in this category, out of 3 total.