Insider Threat Matrix™Insider Threat Matrix™
  • ID: PR022.003
  • Created: 07th July 2026
  • Updated: 07th July 2026
  • MITRE ATT&CK®: T1566
  • Contributor: The ITM Team

Outbound Social Engineering via SMS or Messaging

A subject uses SMS, mobile messaging, or collaboration messaging platforms to deceive, manipulate, or persuade another person into disclosing information, clicking a link, approving access, moving a conversation to another channel, or performing an action that may support a later infringement. This may involve corporate messaging tools, personal messaging applications, mobile numbers, or externally hosted communication services.

 

This behavior may exploit the informal, immediate, and trusted nature of messaging channels. The subject may rely on urgency, familiarity, limited message context, or out-of-band communication to reduce scrutiny and influence the recipient’s response. The intended outcome may include credential capture, information disclosure, access approval, link interaction, process bypass, or coordination of activity outside formal organizational workflows.