| ID | Name |
|---|---|
| ATAGS-T1029.001 | Spearphishing Link |
| ATAGS-T1029.002 | Spearphishing Voice |
| ATAGS-T1029.003 | Phishing Attachment |
| ATAGS-T1029.004 | Spearphishing via Service |
Threat actors may send spearphishing emails with a malicious attachment in an attempt to gain access to victim systems. Spearphishing attachment is a specific variant of spearphishing. Spearphishing attachment is different from other forms of spearphishing in that it employs the use of malware attached to an email. All forms of spearphishing are electronically delivered social engineering targeted at a specific individual, company, or industry. In this scenario, Threat actors attach a file to the spearphishing email and usually rely upon User Execution to gain execution. Spearphishing may also involve social engineering techniques, such as posing as a trusted source.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.