This document outlines the criteria for how to tag a template based on our tiered difficulty system.
Tier 1: Templates that do not have any branding for companies they are copying. Spelling errors are common. No company/target variables are present. Image assets are broken or non existent. The domain and sender doesn't give any context and does not present any social engineering. Lack of context, could originate from a low trust source.
Tier 2: Brand knock off where the images and email attempt to copy a brand, but do not exactly match. No use of target variables. A domain is not a good match the template content. The companies are consumer facing like Steam, Chick Fil A Coinbase etc...
Tier 3: Brand knock off where the images and email attempt to copy a brand, but do not exactly match. This would be like our Minisoft and Amazone templates where we get close but do not directly rip off of a product or service. Minimal or no use of target variables. A domain is available to match the template content. Can include an attachment.
Tier 4: A direct copy of a company's logos and branding names. Template variables are being used to copy target details into the sender domain and content of the email. A domain must match the attack. Can include an attachment
Tier 5: A direct copy of a company's logos and branding names. Template variables are being used to copy target details into the sender domain and content of the email. A domain must match the attack. The targets that are being selected are high profile individuals with a greater security risk. Calls for a reply to action from a spear phishing type of attack. Can include a attachment.
Comments
0 comments
Please sign in to leave a comment.