CAPEC-414: Pretexting via Delivery Person

An adversary engages in pretexting behavior, assuming the role of a delivery person, to solicit information from target persons, or manipulate the target into performing an action that serves the adversary's interests. Impersonating a delivery person is an effective attack and an easy attack since not much acting is involved. Usually the hardest part is looking the part and having all of the proper credentials, papers and "deliveries" in order to be able to pull it off.

Low

Typical severity

Per MITRE

Not rated

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Detailed

Abstraction

MITRE classification

Overview

CAPEC-414 (Pretexting via Delivery Person) is a detailed-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.

CAPEC-414: Pretexting via Delivery Person

Overview

Frequently asked questions

What is CAPEC-414?

How severe is CAPEC-414?

References

Defend against CAPEC-414

Overview

Related attack patterns

Parent

Frequently asked questions

What is CAPEC-414?

How severe is CAPEC-414?

References

Defend against CAPEC-414