Home > CAPEC List > CAPEC-569: Collect Data as Provided by Users (Version 2.11)  

CAPEC-569: Collect Data as Provided by Users

Collect Data as Provided by Users
Definition in a New Window Definition in a New Window
Attack Pattern ID: 569
Abstraction: Standard
Status: Draft
Completeness: Stub
Presentation Filter:
+ Summary

An attacker leverages a tool, device, or program to obtain specific information as provided by a user of the target system. This information is often needed by the attacker to launch a follow-on attack. This attack is different than Social Engineering as the adversary is not tricking or deceiving the user. Instead the adversary is putting a mechanism in place that captures the information that a user legitimately enters into a system. Deploying a keylogger, performing a UAC prompt, or wrapping the Windows default credential provider are all examples of such interactions.

+ References
[R.568.1] ATT&CK Project. "User Interaction (1056)". MITRE. <https://attack.mitre.org/wiki/User_interaction>.
+ Content History
CAPEC Content TeamThe MITRE Corporation2015-11-09Internal_CAPEC_Team

More information is available — Please select a different filter.
Page Last Updated or Reviewed: August 04, 2017