Impersonation

Type: technique

Description: Adversaries may impersonate a trusted person or organization in order to persuade and trick a target into performing some action on their behalf. For example, adversaries may communicate with victims (via Phishing, or Spearphishing via Social Engineering LLM) while impersonating a known sender such as an executive, colleague, or third-party vendor. Established trust can then be leveraged to accomplish an adversary's ultimate goals, possibly against multiple victims.

Adversaries may target resources that are part of the AI DevOps lifecycle, such as model repositories, container registries, and software registries.

Version: 0.1.0

Created At: 2025-07-23 10:23:39 -0400

Last Modified At: 2025-07-23 10:23:39 -0400

External References

• Model Confusion - Weaponizing ML models for red teams and bounty hunters, threlfall_hax

Related Objects

• --> Defense Evasion (tactic): An adversary can evade detection and bypass security controls by impersonating trusted individuals or organizations, leveraging established trust relationships to avoid suspicion from users and security systems.

Related Frameworks

• MITRE ATLAS - AML.T0073