Detailed attack pattern

Draft

CAPEC-631: SoundSquatting

Also known as: Homophone Attack

An adversary registers a domain name that sounds the same as a trusted domain, but has a different spelling. A SoundSquatting attack takes advantage of a user's confusion of the two words to direct Internet traffic to adversary-controlled destinations. SoundSquatting does not require an attack against the trusted domain or complicated reverse engineering.

Medium

Typical severity

Per MITRE

Low

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Detailed

Abstraction

MITRE classification

Overview

CAPEC-631 (SoundSquatting) is a detailed-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.

CAPEC-631: SoundSquatting

Overview

How the attack works

What the attacker needs

Prerequisites

Skills required

Consequences

How to mitigate it

Examples

Terminology & mappings

Alternate terms

Frequently asked questions

What is CAPEC-631?

How does a SoundSquatting attack work?

How do you prevent CAPEC-631?

How severe is CAPEC-631?

References

Defend against CAPEC-631

Overview

How the attack works

What the attacker needs

Prerequisites

Skills required

Consequences

How to mitigate it

Examples

Related attack patterns

Parent

Can precede

Related

Terminology & mappings

Alternate terms

Frequently asked questions

What is CAPEC-631?

How does a SoundSquatting attack work?

How do you prevent CAPEC-631?

How severe is CAPEC-631?

References

Defend against CAPEC-631