Standardlikelihood: Mediumseverity: LowDraft

CAPEC-407Pretexting

Abstraction
Standard
Status
Draft
Likelihood
Medium
Severity
Low

Description

An adversary engages in pretexting behavior to solicit information from target persons, or manipulate the target into performing some action that serves the adversary's interests. During a pretexting attack, the adversary creates an invented scenario, assuming an identity or role to persuade a targeted victim to release information or perform some action. It is more than just creating a lie; in some cases it can be creating a whole new identity and then using that identity to manipulate the receipt of information.

MITRE ATT&CK crosswalk· 1

T1589: Gather Victim Identity Information

Related attack patterns· 3

CAPEC-416 (ChildOf)CAPEC-410 (ChildOf)CAPEC-163 (CanPrecede)

Related to1

TypeTargetConfidenceTier
TechniqueGather Victim Identity Informationt1589100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Pretexting via Phone
CAPEC
Pretexting via Customer Service
CAPEC
Phishing
CAPEC
Pretexting via Delivery Person
CAPEC
DEPRECATED: Pretexting
CAPEC
Influence Perception of Authority
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.