Insider Threat Matrix™Insider Threat Matrix™
  • ID: PR022.001
  • Created: 07th July 2026
  • Updated: 07th July 2026
  • MITRE ATT&CK®: T1566T1566.001T1566.002T1566.003
  • Contributor: The ITM Team

Outbound Social Engineering via Email

A subject uses email to deceive, manipulate, or persuade another person into disclosing information, performing an action, approving a request, or enabling access that may support a later infringement. The subject may send messages from a corporate mailbox, personal account, spoofed address, compromised account, or third-party service in order to create a convincing pretext.

 

This behavior may involve impersonating a colleague, manager, vendor, customer, service provider, or trusted authority. The subject may use urgency, confidentiality, procedural familiarity, or organizational context to influence the recipient’s decision-making. The intended outcome may include obtaining credentials, internal process information, sensitive documents, access approvals, financial changes, or other information or actions that prepare the subject for further misuse.