1. Home
  2. ATT&CK Techniques
  3. T1204.001 Malicious Link

T1204.001 Malicious Link Mappings

An adversary may rely upon a user clicking a malicious link in order to gain execution. Users may be subjected to social engineering to get them to click on a link that will lead to code execution. This user action will typically be observed as follow-on behavior from Spearphishing Link. Clicking on a link may also lead to other execution techniques such as exploitation of a browser or application vulnerability via Exploitation for Client Execution. Links may also lead users to download files that require execution via Malicious File.

View in MITRE ATT&CK®

NIST 800-53 Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CA-07 Continuous Monitoring mitigates T1204.001 Malicious Link
CM-06 Configuration Settings mitigates T1204.001 Malicious Link
SC-44 Detonation Chambers mitigates T1204.001 Malicious Link
SI-08 Spam Protection mitigates T1204.001 Malicious Link
SI-02 Flaw Remediation mitigates T1204.001 Malicious Link
SI-03 Malicious Code Protection mitigates T1204.001 Malicious Link
CM-02 Baseline Configuration mitigates T1204.001 Malicious Link
CM-07 Least Functionality mitigates T1204.001 Malicious Link
SI-04 System Monitoring mitigates T1204.001 Malicious Link
AC-04 Information Flow Enforcement mitigates T1204.001 Malicious Link
SC-07 Boundary Protection mitigates T1204.001 Malicious Link

VERIS Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
action.malware.variety.Other Other related-to T1204.001 Malicious Link

GCP Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
web_risk Web Risk technique_scores T1204.001 Malicious Link
Comments
Web Risk allows client applications to check URLs against Google's list of unsafe web resources. It also can provide warnings when attempting to access potentially unsafe sites. However, Google cannot guarantee that its information is comprehensive and error-free: some risky sites may not be identified, and some safe sites may be classified in error. This has resulted in an overall score of Partial.
References
  1. ['https://cloud.google.com/web-risk/docs/overview']