Engage Goals: EGO0001 Expose, EGO0003 Elicit
Engage Approach: EAP0001 Collect, EAP0002 Detect
Engage Actions: EAC0009 Email Manipulation, EAC0012 Personas
Name of Element: Deceptive Phishing Campaigns
Description of Element:
Goal: Identify susceptible individuals and gather information about ongoing phishing campaigns.
Approach: Launching controlled phishing campaigns with deceptive lures.
Conduct internal phishing campaigns with fake but believable phishing emails. Track who clicks on links, downloads attachments, or provides sensitive information. This reveals vulnerable individuals and gathers intelligence about attacker tactics.
Technical Context:
These campaigns can mimic real-world phishing attacks, but instead of delivering malware, they redirect users to educational resources or capture information about their susceptibility. This aligns with the MITRE ATT&CK technique T1566 (Phishing) and the MITRE Engage™ framework, specifically the C0005 (Drive-by Compromise) tactic.
Other:
Vary the types of phishing lures and their content to assess different types of social engineering techniques.