“attackers continue to pose as help desks in social engineering attacks researchers at google ’ s threat intelligence group ( gtig ) are tracking a new threat actor that ’ s impersonating help desks to trick users into installing malware. the threat actor, which gtig tracks as “ u…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.004Spearphishing Voice
79%
“attackers continue to pose as help desks in social engineering attacks researchers at google ’ s threat intelligence group ( gtig ) are tracking a new threat actor that ’ s impersonating help desks to trick users into installing malware. the threat actor, which gtig tracks as “ u…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1204.002Malicious File
35%
“attackers continue to pose as help desks in social engineering attacks researchers at google ’ s threat intelligence group ( gtig ) are tracking a new threat actor that ’ s impersonating help desks to trick users into installing malware. the threat actor, which gtig tracks as “ u…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1667Email Bombing
31%
“attackers continue to pose as help desks in social engineering attacks researchers at google ’ s threat intelligence group ( gtig ) are tracking a new threat actor that ’ s impersonating help desks to trick users into installing malware. the threat actor, which gtig tracks as “ u…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Researchers at Google’s Threat Intelligence Group (GTIG) are tracking a new threat actor that’s impersonating help desks to trick users into installing malware. The threat actor, which GTIG tracks as “UNC6692,” begins by sending a large volume of spam emails to the victim, then initiates contact via Microsoft Teams to ostensibly help the user block the spam.
