- Home
- Techniques
- PRE-ATT&CK
- Choose pre-compromised persona and affiliated accounts
Choose pre-compromised persona and affiliated accounts
For attacks incorporating social engineering the utilization of an on-line persona is important. Utilizing an existing persona with compromised accounts may engender a level of trust in a potential victim if they have a relationship, or knowledge of, the compromised persona. [1] [2]
Detection
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Possible to detect compromised credentials if alerting from a service provider is enabled and acted upon by the individual.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: It is relatively easy and low cost to purchase compromised credentials. Mining social media sites offers open source information about a particular target. Most users tend to reuse passwords across sites and are not paranoid enough to check and see if spoofed sites from their persona exist across current social media.
References
- PETER BRIGHT. (2011, February 15). Anonymous speaks: the inside story of the HBGary hack. Retrieved March 9, 2017.
- Marcus Habert. (2015, November 8). What Happens to Hacked Social Media Accounts. Retrieved March 28, 2017.