After they already have access to accounts or systems within the environment, adversaries may use internal spearphishing to gain access to additional information or compromise other users within the same organization.
Tactics
TA0008
See: MITRE ATT&CK