Conduct social engineering
Social Engineering is the practice of manipulating people in order to get them to divulge information or take an action.  
Tactic: Technical Information Gathering
Similar Techniques by Tactic
|Organizational Information Gathering||Conduct social engineering|
|People Information Gathering||Conduct social engineering|
DetectionDetectable by Common Defenses (Yes/No/Partial): No
Explanation: No technical means to detect an adversary collecting technical information about a target. Any detection would be based upon strong OPSEC policy implementation.
Difficulty for the AdversaryEasy for the Adversary (Yes/No): Yes
Explanation: Very effective technique for the adversary that does not require any formal training and relies upon finding just one person who exhibits poor judgement.
- Mathew J. Schwartz. (2011, September 14). Social Engineering Leads APT Attack Vectors. Retrieved March 5, 2017.
- Gary Beach. (2003, October 1). Kevin Mitnick on Social Engineering Hackers. Retrieved March 5, 2017.