CAPEC-416
Manipulate Human Behavior
MEDIUM
MEDIUM
Stable
2014-06-23 00:00 +00:00
2017-08-04 00:00 +00:00
Alerte pour un CAPEC
Stay informed of any changes for a specific CAPEC.
Description
An adversary exploits inherent human psychological predisposition to influence a targeted individual or group to solicit information or manipulate the target into performing an action that serves the adversary's interests. Many interpersonal social engineering techniques do not involve outright deception, although they can; many are subtle ways of manipulating a target to remove barriers, make the target feel comfortable, and produce an exchange in which the target is either more likely to share information directly, or let key information slip out unintentionally. A skilled adversary uses these techniques when appropriate to produce the desired outcome. Manipulation techniques vary from the overt, such as pretending to be a supervisor to a help desk, to the subtle, such as making the target feel comfortable with the adversary's speech and thought patterns.
Informations
Prerequisites
The adversary must have the means and knowledge of how to communicate with the target in some manner.Mitigations
An organization should provide regular, robust cybersecurity training to its employees to prevent successful social engineering attacks.References
REF-348
The Official Social Engineering Portalhttp://www.social-engineer.org
Submission
| Name | Organization | Date | Date Release |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation |
Modifications
| Name | Organization | Date | Comment |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Attack_Motivation-Consequences, Attack_Prerequisites, Description Summary, Methods_of_Attack, Solutions_and_Mitigations, Typical_Likelihood_of_Exploit | |
| CAPEC Content Team | The MITRE Corporation | Updated Attack_Motivation-Consequences, Description Summary, Solutions_and_Mitigations, Typical_Likelihood_of_Exploit, Typical_Severity |
2024©
tesweb SA
