CAPEC-417

Standard Abstraction Level
Meta — Very abstract, high-level category
Standard — Specific enough to understand
Detailed — Tied to specific technique
Stable MITRE CAPEC Status
Stable — Fully reviewed and complete
Draft — Under development
Incomplete — Partially defined
Deprecated — No longer recommended
Obsolete — Replaced by another CAPEC
Likelihood: High Severity: Low
Influence Perception

Description

The adversary uses social engineering to exploit the target's perception of the relationship between the adversary and themselves. This goal is to persuade the target to unknowingly perform an action or divulge information that is advantageous to the adversary.

Prerequisites

The adversary must have the means and knowledge of how to communicate with the target in some manner.

Mitigations

An organization should provide regular, robust cybersecurity training to its employees to prevent social engineering attacks.

Skills Required

[Low] The adversary requires strong inter-personal and communication skills.