ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CSA Cloud Controls Matrix (CCM)
CRI Profile
Known Exploited Vulnerabilities
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 12.1 Enterprise and VERIS 1.3.7.
Change versions here.
Home
Mapping Frameworks
VERIS Home
Any type of *ishing. Phishing always involves getting data from the victim. Phishing usually has some element of pretexting, but often it doesn’t rise to the level of an invented scenario. E.g. A fake google login page isn’t really pretexting.
VERIS
action.social.variety.Phishing
Mappings
ATT&CK Version
12.1
ATT&CK Domain
Enterprise
VERIS
1.3.7
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.social.variety.Phishing
Any type of *ishing. Phishing always involves getting data from the victim. Phishing usually has some element of pretexting, but often it doesn’t rise to the level of an invented scenario. E.g. A fake google login page isn’t really pretexting.
related-to
T1586.001
Compromise Account: Social Media Accounts
action.social.variety.Phishing
Any type of *ishing. Phishing always involves getting data from the victim. Phishing usually has some element of pretexting, but often it doesn’t rise to the level of an invented scenario. E.g. A fake google login page isn’t really pretexting.
related-to
T1036.002
Masquerading: Right-to-Left Override
action.social.variety.Phishing
Any type of *ishing. Phishing always involves getting data from the victim. Phishing usually has some element of pretexting, but often it doesn’t rise to the level of an invented scenario. E.g. A fake google login page isn’t really pretexting.
related-to
T1204
User Execution
action.social.variety.Phishing
Any type of *ishing. Phishing always involves getting data from the victim. Phishing usually has some element of pretexting, but often it doesn’t rise to the level of an invented scenario. E.g. A fake google login page isn’t really pretexting.
related-to
T1204.001
User Execution: Malicious Link
action.social.variety.Phishing
Any type of *ishing. Phishing always involves getting data from the victim. Phishing usually has some element of pretexting, but often it doesn’t rise to the level of an invented scenario. E.g. A fake google login page isn’t really pretexting.
related-to
T1204.002
User Execution: Malicious File
action.social.variety.Phishing
Any type of *ishing. Phishing always involves getting data from the victim. Phishing usually has some element of pretexting, but often it doesn’t rise to the level of an invented scenario. E.g. A fake google login page isn’t really pretexting.
related-to
T1204.003
User Execution: Malicious Image
action.social.variety.Phishing
Any type of *ishing. Phishing always involves getting data from the victim. Phishing usually has some element of pretexting, but often it doesn’t rise to the level of an invented scenario. E.g. A fake google login page isn’t really pretexting.
related-to
T1566.001
Phishing: Spearphishing Attachment
action.social.variety.Phishing
Any type of *ishing. Phishing always involves getting data from the victim. Phishing usually has some element of pretexting, but often it doesn’t rise to the level of an invented scenario. E.g. A fake google login page isn’t really pretexting.
related-to
T1598.002
Phishing for Information: Spearphishing Attachment
action.social.variety.Phishing
Any type of *ishing. Phishing always involves getting data from the victim. Phishing usually has some element of pretexting, but often it doesn’t rise to the level of an invented scenario. E.g. A fake google login page isn’t really pretexting.
related-to
T1598.003
Phishing for Information: Spearphishing Link
action.social.variety.Phishing
Any type of *ishing. Phishing always involves getting data from the victim. Phishing usually has some element of pretexting, but often it doesn’t rise to the level of an invented scenario. E.g. A fake google login page isn’t really pretexting.
related-to
T1566
Phishing
action.social.variety.Phishing
Any type of *ishing. Phishing always involves getting data from the victim. Phishing usually has some element of pretexting, but often it doesn’t rise to the level of an invented scenario. E.g. A fake google login page isn’t really pretexting.
related-to
T1566.002
Phishing: Spearphishing Link
action.social.variety.Phishing
Any type of *ishing. Phishing always involves getting data from the victim. Phishing usually has some element of pretexting, but often it doesn’t rise to the level of an invented scenario. E.g. A fake google login page isn’t really pretexting.
related-to
T1566.003
Phishing: Spearphishing via Service
action.social.variety.Phishing
Any type of *ishing. Phishing always involves getting data from the victim. Phishing usually has some element of pretexting, but often it doesn’t rise to the level of an invented scenario. E.g. A fake google login page isn’t really pretexting.
related-to
T1598
Phishing for Information
action.social.variety.Phishing
Any type of *ishing. Phishing always involves getting data from the victim. Phishing usually has some element of pretexting, but often it doesn’t rise to the level of an invented scenario. E.g. A fake google login page isn’t really pretexting.
related-to
T1598.001
Phishing for Information: Spearphishing Service
