Which of the following is an example of a vulnerability malware ransomware spear phishing URL redirection?

The reason why threat actors often find success in phishing is that they exploit the greatest vulnerability of all: human emotions. A phishing attack becomes successful only if the user falls for social engineering tricks. So, the trick is to be careful. Good awareness and experience can help you detect almost all types of phishing attacks. Here’s how:

• See if the mail addresses you by name. Phishing emails mostly use generic salutations like ‘dear customer’ or ‘deal member’.

• Legitimate companies don’t request sensitive information via email, SMS, or calls. So, double-check if you see something like that.

• A mail from doesn’t mean it’s from Amazon. Why? Read the mail address again and check how ‘amazon.com’ is spelled. Attackers often use different variations of a legitimate brand to look less suspicious. 

• Be alert when someone from your enterprise, especially your superior who doesn't contact you that often, suddenly starts messaging you. If they ask for any sensitive information via message, don’t hesitate to call them up in person to double-check. 

• If anyone tries to reach out via social media claiming that they are from a particular company, check if their profiles are verified (blue tick). You can also contact customer support directly via phone or website to verify.

• It’s better to avoid short links altogether, no matter the source. You can’t see the domain or SSL on short URLs; so, it’s not safe to open such links, especially if they're embedded in an email or SMS.

• Phishing emails often have a large number of spelling mistakes. The way they use grammar is a bigger crime than the phishing attack itself. If you feel the language is somewhat off, it’s probably a phishing email. 

• Educate employees, especially newbies and untrained, about phishing emails and also the dos and don'ts while using email, social media, and applications while on the enterprise network.

• Use a network detection and response (NDR) application for your enterprise to track any suspicious activity.

S0677 AADInternals

AADInternals can send "consent phishing" emails containing malicious links designed to steal users’ access tokens.[3]

S0584 AppleJeus

AppleJeus has been distributed via spearphishing link.[4]

G0006 APT1

APT1 has sent spearphishing emails containing hyperlinks to malicious files.[5]

G0007 APT28

APT28 sent spearphishing emails which used a URL-shortener service to masquerade as a legitimate service and to redirect targets to credential harvesting sites.[6][7][8][9]

G0016 APT29

APT29 has used spearphishing with a link to trick victims into clicking on a link to a zip file containing malicious files.[10][11][12]

G0022 APT3

APT3 has sent spearphishing emails containing malicious links.[13]

G0050 APT32

APT32 has sent spearphishing emails containing malicious links.[14][15][16][17][18]

G0064 APT33

APT33 has sent spearphishing emails containing links to .hta files.[19][20]

G0087 APT39

APT39 leveraged spearphishing emails with malicious links to initially compromise victims.[21][22]

S0534 Bazar

Bazar has been spread via emails with embedded malicious links.[23][24][25]

G0098 BlackTech

BlackTech has used spearphishing e-mails with links to cloud services to deliver malware.[26]

G0080 Cobalt Group

Cobalt Group has sent emails with URLs pointing to malicious documents.[27][28]

G0142 Confucius

Confucius has sent malicious links to victims through email campaigns.[29]

G0066 Elderwood

Elderwood has delivered zero-day exploits and malware to victims via targeted emails containing a link to malicious content hosted on an uncommon Web server.[30][31]

S0367 Emotet

Emotet has been delivered by phishing emails containing links. [32][33][34][35][36][37][38][38][39]

G0120 Evilnum

Evilnum has sent spearphishing emails containing a link to a zip file hosted on Google Drive.[40]

G0085 FIN4

FIN4 has used spearphishing emails (often sent from compromised accounts) containing malicious links.[41][42]

G0046 FIN7

FIN7 has conducted broad phishing campaigns using malicious links.[43]

G0061 FIN8

FIN8 has distributed targeted emails containing links to malicious documents with embedded macros.[44]

S0531 Grandoreiro

Grandoreiro has been spread via malicious links embedded in e-mails.[45][46]

S0561 GuLoader

GuLoader has been spread in phishing campaigns using malicious web links.[47]

S0499 Hancitor

Hancitor has been delivered via phishing emails which contained malicious links.[48]

S0528 Javali

Javali has been delivered via malicious links embedded in e-mails.[49]

S0585 Kerrdown

Kerrdown has been distributed via e-mails containing a malicious link.[18]

G0094 Kimsuky

Kimsuky has sent spearphishing emails containing a link to a document that contained malicious macros or took the victim to an actor-controlled domain.[50][51][52]

S0669 KOCTOPUS

KOCTOPUS has been distributed as a malicious link within an email.[53]

G0032 Lazarus Group

Lazarus Group has sent malicious links to victims via email.[54][55][56]

G0140 LazyScripter

LazyScripter has used spam emails that contain a link that redirects the victim to download a malicious document.[53]

G0065 Leviathan

Leviathan has sent spearphishing emails with links, often using a fraudulent lookalike domain and stolen branding.[57][58]

G0095 Machete

Machete has sent phishing emails that contain a link to an external server with ZIP and RAR archives.[59][60]

G0059 Magic Hound

Magic Hound has sent malicious URL links through email to victims. In some cases the URLs were shortened or linked to Word documents with malicious macros that executed PowerShells scripts to download Pupy.[61][62][63]

S0530 Melcoz

Melcoz has been spread through malicious links embedded in e-mails.[49]

G0103 Mofang

Mofang delivered spearphishing emails with malicious links included.[64]

G0021 Molerats

Molerats has sent phishing emails with malicious links included.[65]

G0069 MuddyWater

MuddyWater has sent targeted spearphishing e-mails with malicious links.[66][67]

G0129 Mustang Panda

Mustang Panda has delivered web bugs and malicious links to their intended targets.[68][69]

S0198 NETWIRE

NETWIRE has been spread via e-mail campaigns utilizing malicious links.[47]

G0014 Night Dragon

Night Dragon sent spearphishing emails containing links to compromised websites where malware was downloaded.[70]

G0049 OilRig

OilRig has sent spearphising emails with malicious links to potential victims.[71]

G0040 Patchwork

Patchwork has used spearphishing with links to deliver files with exploits to initial victims. The group has also used embedded image tags (known as web bugs) with unique, per-recipient tracking links in their emails for the purpose of identifying which recipients opened messages.[72][73][74][75]

S0453 Pony

Pony has been delivered via spearphishing emails which contained malicious links.[76]

S0650 QakBot

QakBot has spread through emails with malicious links.[77][78][79][80][81][82]

G0034 Sandworm Team

Sandworm Team has crafted phishing emails containing malicious hyperlinks.[83]

G0121 Sidewinder

Sidewinder has sent e-mails with malicious links often crafted for specific targets.[84][85]

S0646 SpicyOmelette

SpicyOmelette has been distributed via emails containing a malicious link that appears to be a PDF document.[28]

G0092 TA505

TA505 has sent spearphishing emails containing malicious links.[86][87][88][89]

G0134 Transparent Tribe

Transparent Tribe has embedded links to malicious downloads in e-mails.[90][91]

S0266 TrickBot

TrickBot has been delivered via malicious links in phishing e-mails.[92]

G0010 Turla

Turla attempted to trick targets into clicking on a link featuring a seemingly legitimate domain from Adobe.com to download their malware and gain initial access.[93]

S0476 Valak

Valak has been delivered via malicious links in e-mail.[94]

G0112 Windshift

Windshift has sent spearphishing emails with links to harvest credentials and deliver malware.[95]

G0102 Wizard Spider

Wizard Spider has sent phishing emails containing a link to an actor-controlled Google Drive document or other free online file hosting services.[96][97]

G0128 ZIRCONIUM

ZIRCONIUM has used malicious links and web beacons in e-mails for malware download and to track hits to attacker-controlled URL's.[98][99][100]

Is phishing a malware?

What are the 4 types of phishing?

Is ransomware a phishing?

What are the 3 types of phishing?