Professional Documents
Culture Documents
6.2.2 Multiple-Stage Phishing Attack
6.2.2 Multiple-Stage Phishing Attack
6.2.2
The multiple-stage attack follows a similar pattern, but once the attacker has UIT system access,
the attacker identifies other potential UITs and subsequently directs social engineering at them.
The attacker may also use the access gained to probe the UITs system to obtain various forms of
internal system information. The workflow diagram in Figure 12 shows the general attack chain.
This diagram identifies the ordering and decision processes involved in each phase of the exploit.
CMU/SEI-2013-TN-024 | 38