AML.T0052Phishing

Adversaries may send phishing messages to gain access to victim systems. All forms of phishing are electronically delivered social engineering. Phishing can be targeted, known as spearphishing. In spearphishing, a specific individual, company, or industry will be targeted by the adversary. More generally, adversaries can conduct non-targeted phishing, such as in mass malware spam campaigns. Generative AI, including LLMs that generate synthetic text, visual deepfakes of faces, and audio deepfakes of speech (See [Generate Deepfakes](/techniques/AML.T0088)), is enabling adversaries to scale targeted phishing campaigns (See [Spearphishing via Social Engineering LLM](/techniques/AML.T0052.000)). LLMs can interact with users via text conversations and can be programmed with a system prompt to phish for sensitive information. Deepfakes can also be used in [Impersonation](/techniques/AML.T0073) as an aid to phishing.