Discover target logon/email address format
Email addresses, logon credentials, and other forms of online identification typically share a common format. This makes guessing other credentials within the same domain easier. For example if a known email address is firstname.lastname@example.org it is likely that others in the company will have an email in the same format. 
DetectionDetectable by Common Defenses (Yes/No/Partial): No
Explanation: Easily determined and not intended to be protected information. Publicly collected and shared repositories of email addresses exist.
Difficulty for the AdversaryEasy for the Adversary (Yes/No): Yes
Explanation: Scraping of known email addresses from the target will likely reveal the target standard for address/username format. This information is easily discoverable.
- Rotem Kerner. (2015, October). RECONNAISSANCE: A Walkthrough of the “APT” Intelligence Gathering Process. Retrieved March 1, 2017.