Phishing

Mariusz Banach proposes a taxonomy for phishing payloads based on real-world observations of adversary behaviour. He represents it as DELIVERY(CONTAINER(TRIGGER + PAYLOAD + DECOY)) where:

  • Delivery is the technique used to deliver the package to the victim.

  • Container is the container format used to package the files.

  • Trigger is the means to trigger payload execution.

  • Payload is the malicious code to execute.

  • Decoy is a file to display to the victim.
