MITRE ATT&CK / T1598
T1598
Phishing for Information
Description
Adversaries may send phishing messages to elicit sensitive information that can be used during targeting. Phishing for information is an attempt to trick targets into divulging information, frequently credentials or other actionable information. Phishing for information is different from [Phishing](https://attack.mitre.org/techniques/T1566) in that the objective is gathering data from the victim rather than executing malicious code.All forms of phishing are electronically delivered social engineering. Phishing can be targeted, known as spearphishing. In spearphishing, a specific individual, company, or industry will be targeted by the adversary. More generally, adversaries can conduct non-targeted phishing, such as in mass credential harvesting campaigns.Adversaries may also try to obtain information directly through the exchange of emails, instant messages, or other electronic conversation means.(Citation: ThreatPost Social Media Phishing)(Citation: TrendMictro Phishing)(Citation: PCMag FakeLogin)(Citation: Sophos Attachment)(Citation: GitHub Phishery) Victims may also receive phishing messages that direct them to call a phone number where the adversary attempts to collect confidential information.(Citation: Avertium callback phishing)Phishing for information frequently involves social engineering techniques, such as posing as a source with a reason to collect information (ex: [Establish Accounts](https://attack.mitre.org/techniques/T1585) or [Compromise Accounts](http…
Platforms
Mitigations
- M1017 — User Training
- M1054 — Software Configuration
Use our free MITRE ATT&CK lookup tool, or browse the full ATT&CK matrix.
Our coverage
- APT28 Targets Western Logistics and Tech Firms Supporting Ukraine Aid
- FEMITBOT: Telegram Mini Apps Used for Crypto Scams and Android Malware Delivery
Source: MITRE ATT&CK Enterprise matrix. View on attack.mitre.org →