| ID | Name |
|---|---|
| ATAGS-T1013.001 | Spear Phishing to Ground Segment Operators |
| ATAGS-T1013.002 | Spear Phishing to Industry/Space Agencies |
| ATAGS-T1013.003 | Spearphishing Attachment |
| ATAGS-T1013.004 | Spearphishing Link |
| ATAGS-T1013.005 | Spearphishing Service |
| ATAGS-T1013.006 | Spearphishing Voice |
Threat actors may send spearphishing messages with a malicious attachment to elicit sensitive information that can be used during targeting. Spearphishing for information is an attempt to trick targets into divulging information, frequently credentials or other actionable information. Spearphishing for information frequently involves social engineering techniques, such as posing as a source with a reason to collect information (ex: Establish Accounts or Compromise Accounts) and/or sending multiple, seemingly urgent messages.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.