Threat DF.Auth.HuWSMSDF.3

URI: DF.Auth.HuWSMSDF.3

Description: Smishing attack fools Human feeding malicious URL to WebBrowser: user Human clicks on a malicious link in a text message on their phone Host, sending it to their web browser WebBrowser.

Threat Type: Primary Threat

Matching Pattern:

MP-HuWSMSDF

Finds a Human using a web browser and an SMS client on the same host, accessing URLs from SMS messages via the browser.

(empty)

DF.Auth.PDFIDADFI.0

Unauthentic data Data from FlowsFrom forwarded by Process to FlowsTo: if the flow of data Data from process FlowsFrom to process Process is unauthentic, so is the forwarded flow to FlowsTo.

DF.Auth.PDFODADFO.0

DS.Auth.HPDFDADS.0

Flow of unauthentic data Data from FlowsFrom is stored by data service Process: if the flow of data Data from FlowsFrom to Process is unauthentic, then so will be the copy saved locally on device Host by Process.

Se.Auth.SePDsFF.0

Loss of authenticity at sensor Sensor: if the onboard data received from a sensor by any client is altered by an attacker, it is modelled as a loss of authenticity at the sensor.

(empty)

LossOfAuthenticity at Role_DataFlow

CSG-UserSecurityTraining

Users in the role Human are trained to avoid most common cyber security errors by using only strong passwords, recognising malicious emails, and the importance of physical security including the use of screen locking for fixed devices that cannot be carried on the person.

Threat DF.Auth.HuWSMSDF.3

MP-HuWSMSDF

Triggered by Threat (0)

Triggers Secondary Threats (4)

DF.Auth.PDFIDADFI.0

DF.Auth.PDFODADFO.0

DS.Auth.HPDFDADS.0

Se.Auth.SePDsFF.0

Triggered By Control Strategy (0)

Misbehaviour Sets (1)

Control Strategies (1)