CAPEC-164: Mobile Phishing
ID
CAPEC-164
Typical Severity
High
Likelihood Of Attack
High
Status
Stable
An adversary targets mobile phone users with a phishing attack for the purpose of soliciting account passwords or sensitive information from the user. Mobile Phishing is a variation of the Phishing social engineering technique where the attack is initiated via a text or SMS message, rather than email. The user is enticed to provide information or visit a compromised web site via this message. Apart from the manner in which the attack is initiated, the attack proceeds as a standard Phishing attack.
Weaknesses
# ID | Name | Type |
---|---|---|
CWE-451 | User Interface (UI) Misrepresentation of Critical Information | weakness |