Home > CAPEC List > CAPEC-415: Pretexting via Phone (Version 2.11)  

CAPEC-415: Pretexting via Phone

 
Pretexting via Phone
Definition in a New Window Definition in a New Window
Attack Pattern ID: 415
Abstraction: Detailed
Status: Draft
Completeness: Stub
Presentation Filter:
+ Summary

An adversary engages in pretexting behavior, assuming some sort of trusted role, and contacting the targeted individual or organization via phone to solicit information from target persons, or manipulate the target into performing an action that serves the adversary's interests. This is the most common social engineering attack. Some of the most commonly effective approaches are to impersonate a fellow employee, impersonate a computer technician or to target help desk personnel.

+ Typical Severity

Low

+ References
[R.415.1] [REF-30] "The Official Social Engineering Portal". Social-Engineer.org. Tick Tock Computers, LLC. <http://www.social-engineer.org>.
+ Content History
Submissions
SubmitterOrganizationDateSource
CAPEC Content TeamThe MITRE Corporation2014-06-23Internal_CAPEC_Team
Modifications
ModifierOrganizationDateCommentsSource
CAPEC Content TeamThe MITRE Corporation2017-08-04Updated Description SummaryInternal

More information is available — Please select a different filter.
Page Last Updated or Reviewed: July 31, 2017