Credential Harvesting

GPTKB entity

Statements (49)
Predicate Object
gptkbp:instanceOf Cybersecurity Threat
gptkbp:alsoKnownAs Credential Theft
gptkbp:canAutomate Botnets
Credential Stuffing Tools
gptkbp:category gptkb:Information_Security
cybercrime
Attack Technique
gptkbp:commonVector Phishing Emails
Compromised Websites
Fake Websites
Malicious Attachments
Social Media Scams
gptkbp:describedBy gptkb:MITRE_ATT&CK_Framework
gptkbp:detects Intrusion Detection Systems
Anomalous Login Detection
gptkbp:example 2012 LinkedIn Breach
2014 Yahoo Data Breach
2017 Equifax Breach
https://www.w3.org/2000/01/rdf-schema#label Credential Harvesting
gptkbp:impact gptkb:Data_Breach
Financial Loss
Reputational Damage
Regulatory Penalties
gptkbp:mitigatedBy gptkb:Security_Awareness_Training
gptkb:Network_Monitoring
Multi-Factor Authentication
Strong Password Policies
Anti-Phishing Tools
gptkbp:regulates gptkb:HIPAA
gptkb:PCI_DSS
gptkb:GDPR
gptkbp:relatedTo malware
Phishing
Social Engineering
Keylogging
Man-in-the-Middle Attack
gptkbp:step gptkb:Cyber_Kill_Chain
Credential Access
Initial Access
gptkbp:target Passwords
Usernames
Authentication Tokens
Personal Identification Numbers
gptkbp:usedBy Cybercriminals
gptkbp:usedFor Identity Theft
Unauthorized Access
Account Takeover
gptkbp:bfsParent gptkb:Responder
gptkbp:bfsLayer 7