CAPEC-424: Influence Perception of Consensus or Social Proof
CAPEC版本: 3.9
更新日期: 2023-01-24
攻击模式描述
The adversary influences the target's actions by leveraging the inherent human nature to assume behavior of others is appropriate. In situations of uncertainty, people tend to behave in ways they see others behaving. The adversary convinces the target of adopting behavior or actions that is advantageous to the adversary.
前提条件
- The adversary must have the means and knowledge of how to communicate with the target in some manner.
所需技能
后果影响
影响范围: Confidentiality Integrity Availability
技术影响: Other
说明: Attacks that leverage the principle of liking can lead to the target performing an action that results in a variety of consequences that negatively affect the confidentiality, availability, and/or integrity of an application or system.
缓解措施
An organization should provide regular, robust cybersecurity training to its employees to prevent social engineering attacks.