Detailedlikelihood: Lowseverity: MediumDraft

CAPEC-631SoundSquatting

Abstraction
Detailed
Status
Draft
Likelihood
Low
Severity
Medium

Description

An adversary registers a domain name that sounds the same as a trusted domain, but has a different spelling. A SoundSquatting attack takes advantage of a user's confusion of the two words to direct Internet traffic to adversary-controlled destinations. SoundSquatting does not require an attack against the trusted domain or complicated reverse engineering.

Related attack patterns· 3

CAPEC-616 (ChildOf)CAPEC-89 (CanPrecede)CAPEC-543 (CanPrecede)

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
TypoSquatting
CAPEC
BitSquatting
CAPEC
Homograph Attack via Homoglyphs
CAPEC
Scheme Squatting
CAPEC
DNS Spoofing
CAPEC
DNS Cache Poisoning
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.