TECHNIQUES
- Home
- Techniques
- PRE-ATT&CK
- Discover target logon/email address format
Discover target logon/email address format
Email addresses, logon credentials, and other forms of online identification typically share a common format. This makes guessing other credentials within the same domain easier. For example if a known email address is [email protected] it is likely that others in the company will have an email in the same format. [1]
ID: T1255
Sub-techniques:
No sub-techniques
Tactic:
Technical Information Gathering
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018
Detection
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Easily determined and not intended to be protected information. Publicly collected and shared repositories of email addresses exist.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: Scraping of known email addresses from the target will likely reveal the target standard for address/username format. This information is easily discoverable.
References
- Rotem Kerner. (2015, October). RECONNAISSANCE: A Walkthrough of the “APT” Intelligence Gathering Process. Retrieved March 1, 2017.
×