Impersonation Flashcards
Impersonation is the act of pretending to be somebody else. This can be used by malicious actors to trick their target into thinking they are someone they know, making them more likely to open and interact with a phishing email. A malicious actor could pose as a friend, a colleague, or even someone higher up within the organization, such as a manager, director, or even the CEO.
If the target is being told to do something by someone with more authority, then they will potentially spend less time thinking about what they are being asked to do and instead just do what they’re told for fear of being punished or negative consequences arising as a result of their inaction.
The below diagram shows an example phishing attack where a malicious actor is posing as the CEO to convince an employee in the Finance Department to send funds to an attacker-owned bank account.
