CAPEC-423: Influence Perception of Liking
The adversary influences the target's actions by building a relationship where the target has a liking to the adversary. People are more likely to be influenced by people of whom they are fond, so the adversary attempts to ingratiate themself with the target via actions, appearance, or a combination thereof.
Last updated
Overview
CAPEC-423 (Influence Perception of Liking) is a detailed-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.
What the attacker needs
Prerequisites
- The adversary must have the means and knowledge of how to communicate with the target in some manner.The adversary must have knowledge of the types of things that the target likes.
Skills required
- Low skill: The adversary requires strong inter-personal and communication skills.
Consequences
What a successful CAPEC-423 attack can achieve.
Other
Affects: Confidentiality, Integrity, Availability
Attacks that leverage the principle of liking can lead to the target performing an action that results in a variety of consequences that negatively affect the confidentiality, availability, and/or integrity of an application or system.
How to mitigate it
Defenses that reduce the risk of CAPEC-423.
- An organization should provide regular, robust cybersecurity training to its employees to prevent social engineering attacks.
Frequently asked questions
Common questions about CAPEC-423.
- What is CAPEC-423?
- The adversary influences the target's actions by building a relationship where the target has a liking to the adversary. People are more likely to be influenced by people of whom they are fond, so the adversary attempts to ingratiate themself with the target via actions, appearance, or a combination thereof.
- How do you prevent CAPEC-423?
- An organization should provide regular, robust cybersecurity training to its employees to prevent social engineering attacks.
- How severe is CAPEC-423?
- MITRE rates CAPEC-423 as Low severity with medium likelihood of attack.
References
Attack-pattern data is sourced from the MITRE CAPEC catalog (v3.9). Weakness associations link to the corresponding CWE entries on RadicalNotion.AI.
Defend against CAPEC-423
Track the CVEs and weaknesses attackers exploit with this technique, with AI-written analysis and remediation guidance.