Threat actors may impersonate a trusted person or organization in order to persuade and trick a target into performing some action on their behalf. For example, Threat actors may communicate with victims (via Phishing for Information, Phishing, or Internal Spearphishing) while impersonating a known sender such as an executive, colleague, or third-party vendor. Established trust can then be leveraged to accomplish an adversary’s ultimate goals, possibly against multiple victims.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.