CAPEC-414: Pretexting via Delivery Person
An adversary engages in pretexting behavior, assuming the role of a delivery person, to solicit information from target persons, or manipulate the target into performing an action that serves the adversary's interests. Impersonating a delivery person is an effective attack and an easy attack since not much acting is involved. Usually the hardest part is looking the part and having all of the proper credentials, papers and "deliveries" in order to be able to pull it off.
Last updated
Overview
CAPEC-414 (Pretexting via Delivery Person) is a detailed-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.
Frequently asked questions
Common questions about CAPEC-414.
What is CAPEC-414?
An adversary engages in pretexting behavior, assuming the role of a delivery person, to solicit information from target persons, or manipulate the target into performing an action that serves the adversary's interests. Impersonating a delivery person is an effective attack and an easy attack since not much acting is involved. Usually the hardest part is looking the part and having all of the proper credentials, papers and "deliveries" in order to be able to pull it off.
How severe is CAPEC-414?
MITRE rates CAPEC-414 as Low severity.