"description":"Taxonomy to classify phishing attacks including techniques, collection mechanisms and analysis status.",
"version":1,
"predicates":[
{
"value":"techniques",
"expanded":"Techniques",
"description":"Phishing techniques used."
},
{
"value":"reported",
"expanded":"Reported",
"description":"How the phishing information was reported."
},
{
"value":"origin",
"expanded":"Origin",
"description":"Origin or source of the phishing information such as tools or services."
},
{
"value":"action",
"expanded":"Action",
"description":"Action(s) taken related to the phishing tagged with this taxonomy."
},
{
"value":"state",
"expanded":"State",
"description":"State of the phishing."
}
],
"values":[
{
"predicate":"techniques",
"entry":[
{
"value":"fake-website",
"expanded":"Social engineering fake website",
"description":"Adversary controls a fake website to phish for credentials or information."
},
{
"value":"email-spoofing",
"expanded":"Social engineering email spoofing",
"description":"Adversary sends email with domains related to target. Adversary controls the domains used."
},
{
"value":"clone-phishing",
"expanded":"Clone phishing",
"description":"Adversary clones an email to target potential victims with duplicated content."
},
{
"value":"voice-phishing",
"expanded":"Voice phishing",
"description":"Adversary use voice-based techniques to trick a potential victim to give credentials or sensitive information. This is also named as vishing."