Detailed attack pattern

Draft

CAPEC-632: Homograph Attack via Homoglyphs

Also known as: Homoglyph Attack

An adversary registers a domain name containing a homoglyph, leading the registered domain to appear the same as a trusted domain. A homograph attack leverages the fact that different characters among various character sets look the same to the user. Homograph attacks must generally be combined with other attacks, such as phishing attacks, in order to direct Internet traffic to the adversary-controlled destinations.

Medium

Typical severity

Per MITRE

Low

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Detailed

Abstraction

MITRE classification

Overview

CAPEC-632 (Homograph Attack via Homoglyphs) is a detailed-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.

CAPEC-632: Homograph Attack via Homoglyphs

Overview

How the attack works

What the attacker needs

Prerequisites

Skills required

Consequences

How to mitigate it

Examples

Terminology & mappings

Alternate terms

Frequently asked questions

What is CAPEC-632?

How does a Homograph Attack via Homoglyphs attack work?

How do you prevent CAPEC-632?

What weaknesses does CAPEC-632 target?

How severe is CAPEC-632?

References

Defend against CAPEC-632

Overview

How the attack works

What the attacker needs

Prerequisites

Skills required

Consequences

How to mitigate it

Examples

Related weaknesses

Related attack patterns

Parent

Can precede

Related

Terminology & mappings

Alternate terms

Frequently asked questions

What is CAPEC-632?

How does a Homograph Attack via Homoglyphs attack work?

How do you prevent CAPEC-632?

What weaknesses does CAPEC-632 target?

How severe is CAPEC-632?

References

Defend against CAPEC-632