Email phishing

ID: SAT1015

Tactics

  • Initial Access

Summary

Email phishing is the classic social engineering attack in which an email containing an embedded link or malicious attachment is sent to a target user. The email is meant to convince the target either to enter their login credentials or to open the malicious attachment.

SaaS-focused phishing attacks tend to focus on capturing credentials, and MFA codes where necessary, in order to gain access to SaaS apps.

Traditionally, many organizations would have had only one web-based external endpoint, such as Outlook Web Access (OWA). Phishing attacks would often target fake OWA portals, and phishing training commonly focuses on such scenarios. However, for a target who uses a large number of SaaS apps, there is a higher number of potential scenarios that could be convincing.

Examples

References