Fake Social Media Profiles

Goal: Gather information about attackers and their social engineering tactics by creating fake social media profiles.

Approach: Creating and monitoring fake social media profiles to attract attackers.

Create fake social media profiles that appear to belong to employees or partners. Monitor any interactions with these profiles to identify attackers, gather information about their reconnaissance techniques, and understand their social engineering tactics.

Engage Goals: EGO0003 Elicit

Engage Approach: EAP0001 Collect

Engage Actions: EAC0012 Personas, EAC0015 Information Manipulation

Name of Element: Fake Social Media Profiles

Description of Element:

Goal: Gather information about attackers and their social engineering tactics by creating fake social media profiles.

Approach: Creating and monitoring fake social media profiles to attract attackers.

Create fake social media profiles that appear to belong to employees or partners. Monitor any interactions with these profiles to identify attackers, gather information about their reconnaissance techniques, and understand their social engineering tactics.

Technical Context:

 These profiles can be tailored to specific roles or departments within the organization to attract different types of attackers. This aligns with the MITRE ATT&CK technique T1589.002 (Gather Victim Identity Information: Social Media).

Other:

Combine this with deceptive direct messages or posts to further engage attackers and gather intelligence.

Leave a Reply