TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

ESET WeLiveSecurity

Oversharing is not caring: What’s at stake if your employees post too much online

2025-12-01 · Read original ↗

ATT&CK techniques detected

9 predictions
T1684.001Impersonation
83%
"of a typical social engineering attack is intelligence gathering. the next is weaponizing that intelligence in a spearphishing attack designed to trick the recipient into unwittingly installing malware to their device. or potentially to sharing their corporate credentials for ini…"
T1566.002Spearphishing Link
80%
"##by - trapped with malware. - a fraudster finds a video of an executive on linkedin, or a corporate website. they see on that target ’ s instagram / x feed that they ’ re going to be presenting at a conference and will be away from the office. knowing that the exec may be hard t…"
T1566.002Spearphishing Link
70%
"impersonated the cfo in an email to the choa finance team requesting they update their payment details for je dunn. - russia - based seaborgium and iran - aligned ta453 groups use osint for reconnaissance ahead of spearphishing attacks on pre - selected targets. according to the …"
T1566.002Spearphishing Link
57%
"of a typical social engineering attack is intelligence gathering. the next is weaponizing that intelligence in a spearphishing attack designed to trick the recipient into unwittingly installing malware to their device. or potentially to sharing their corporate credentials for ini…"
T1598.003Spearphishing Link
54%
"of a typical social engineering attack is intelligence gathering. the next is weaponizing that intelligence in a spearphishing attack designed to trick the recipient into unwittingly installing malware to their device. or potentially to sharing their corporate credentials for ini…"
T1598Phishing for Information
37%
"##ers post job listings, which may overshare technical details that can be leveraged later on in spearphishing attacks. github is perhaps better known in a cybersecurity context as a place where absent - minded developers post hardcoded secrets, ip and customer details. but they …"
T1598.002Spearphishing Attachment
35%
"of a typical social engineering attack is intelligence gathering. the next is weaponizing that intelligence in a spearphishing attack designed to trick the recipient into unwittingly installing malware to their device. or potentially to sharing their corporate credentials for ini…"
T1598Phishing for Information
34%
"user ( as their account may have been hijacked ). and ensure they can spot phishing, bec and deepfake attempts. back this up with a strict policy on social media use, defining red lines on what can and can ’ t be shared, and applying clear boundaries between personal and professi…"
T1598.001Spearphishing Service
31%
"of a typical social engineering attack is intelligence gathering. the next is weaponizing that intelligence in a spearphishing attack designed to trick the recipient into unwittingly installing malware to their device. or potentially to sharing their corporate credentials for ini…"

Summary

From LinkedIn to X, GitHub to Instagram, there are plenty of opportunities to share work-related information. But posting could also get your company into trouble.