CAPEC-422: Influence Perception of Commitment and Consistency
Influence Perception of Commitment and Consistency
Definition in a New
Attack Pattern ID: 422
An adversary uses social engineering to convince the target to do minor tasks as opposed to larger actions. After complying with a request, individuals are more likely to agree to subsequent requests that are similar in type and required effort.
The adversary must have the means and knowledge of how to communicate with the target in some manner.
Typical Likelihood of Exploit
Methods of Attack
Attacker Skills or Knowledge Required
Skill or Knowledge Level: Low
The adversary requires strong inter-personal and communication skills.
None: No specialized resources are required to execute this type of attack.
Solutions and Mitigations
An organization should provide regular, robust cybersecurity training to its employees to prevent social engineering attacks.
Individuals should avoid complying with suspicious requests.
"Varies by context"
Attacks that leverage the principle of scarcity can lead to the target performing an action that results in a variety of consequences that negatively affect the confidentiality, availability, and/or integrity of an application or system.
Target Influence via Perception of Commitment and Consistency
More information is available — Please select a different filter.
Page Last Updated or Reviewed:
August 04, 2017
Use of the Common Attack Pattern Enumeration and Classification dictionary and classification taxonomy, and the associated references from this website, are subject to the