Principal Spoofing
Attack Pattern ID: 195 (Standard Attack Pattern, Completeness: Stub)
Typical Severity: Medium
Status: Draft
+ Description


An attacker crafts a message that masquerades as a message from a person other than the actual message sender. This attack is a subset of the Identity Spoofing attack: Principal Spoofing refers to pretending to be some other person in an interaction, while Identity Spoofing refers to assuming the identity of any entity. As such, impersonating a server would be Identity Spoofing but not Principal Spoofing. The possible outcomes of Principal Spoofing mirror those of Identity Spoofing (e.g., escalation of privilege and false attribution of data or activities). Likewise, most techniques for Identity Spoofing (crafting messages, or intercepting and replaying or modifying messages) can be used for a Principal Spoofing attack. However, because Principal Spoofing is used to impersonate a person, social engineering can be both an attack technique (using social techniques to generate evidence in support of a false identity) and a possible outcome (manipulating people's perceptions by making statements or performing actions under a target's name).

+ Attack Prerequisites

The target must associate data or activities with a person's identity and the attacker must be able to modify this identity without detection.

+ Resources Required

No special resources are required for most variants of this attack.

+ Related Attack Patterns
| Nature | Type | ID | Name | Description | View(s) this relationship pertains to |
|---|---|---|---|---|---|
| ChildOf | Attack Pattern | 151 | Identity Spoofing (Impersonation) | | Mechanism of Attack (primary) 1000 |