Home > CAPEC List > CAPEC-410: Information Elicitation (Version 2.11)  

CAPEC-410: Information Elicitation

 
Information Elicitation
Definition in a New Window Definition in a New Window
Attack Pattern ID: 410
Abstraction: Meta
Status: Draft
Completeness: Stub
Presentation Filter:
+ Summary

An adversary engages an individual using any combination of social engineering methods for the purpose of extracting information. Accurate contextual and environmental queues, such as knowing important information about the target company or individual can greatly increase the success of the attack and the quality of information gathered. Authentic mimicry combined with detailed knowledge increases the success of elicitation attacks.

+ Typical Severity

Low

+ References
[R.410.1] [REF-30] "The Official Social Engineering Portal". Social-Engineer.org. Tick Tock Computers, LLC. <http://www.social-engineer.org>.
+ Content History
Submissions
SubmitterOrganizationDateSource
CAPEC Content TeamThe MITRE Corporation2014-06-23Internal_CAPEC_Team
Modifications
ModifierOrganizationDateCommentsSource
CAPEC Content TeamThe MITRE Corporation2017-08-04Updated Description SummaryInternal
Previous Entry Names
DatePrevious Entry Name
2017-08-04Information Elicitation via Social Engineering

More information is available — Please select a different filter.
Page Last Updated or Reviewed: August 03, 2017