1. CAPEC-148: Content Spoofing
    1. CAPEC-145: Checksum Spoofing
    2. CAPEC-218: Spoofing of UDDI/ebXML Messages
    3. CAPEC-502: Intent Spoof
    4. CAPEC-627: Counterfeit GPS Signals
      1. CAPEC-628: Carry-Off GPS Attack
  2. CAPEC-151: Identity Spoofing
    1. CAPEC-194: Fake the Source of Data
      1. CAPEC-275: DNS Rebinding
      2. CAPEC-543: Counterfeit Websites
      3. CAPEC-544: Counterfeit Organizations
      4. CAPEC-598: DNS Spoofing
      5. CAPEC-633: Token Impersonation
    2. CAPEC-195: Principal Spoof
      1. CAPEC-587: Cross Frame Scripting (XFS)
      2. CAPEC-599: Terrestrial Jamming
    3. CAPEC-473: Signature Spoof
      1. CAPEC-459: Creating a Rogue Certification Authority Certificate
      2. CAPEC-474: Signature Spoofing by Key Theft
      3. CAPEC-475: Signature Spoofing by Improper Validation
      4. CAPEC-476: Signature Spoofing by Misrepresentation
      5. CAPEC-477: Signature Spoofing by Mixing Signed and Unsigned Content
      6. CAPEC-479: Malicious Root Certificate
      7. CAPEC-485: Signature Spoofing by Key Recreation
    4. CAPEC-89: Pharming
    5. CAPEC-98: Phishing
      1. CAPEC-163: Spear Phishing
      2. CAPEC-164: Mobile Phishing
      3. CAPEC-656: Voice Phishing
  3. CAPEC-154: Resource Location Spoofing
    1. CAPEC-159: Redirect Access to Libraries
      1. CAPEC-132: Symlink Attack
      2. CAPEC-38: Leveraging/Manipulating Configuration File Search Paths
      3. CAPEC-471: Search Order Hijacking
      4. CAPEC-641: DLL Side-Loading
    2. CAPEC-141: Cache Poisoning
      1. CAPEC-51: Poison Web Service Registry
      2. CAPEC-142: DNS Cache Poisoning
    3. CAPEC-616: Establish Rogue Location
      1. CAPEC-505: Scheme Squatting
      2. CAPEC-611: BitSquatting
      3. CAPEC-615: Evil Twin Wi-Fi Attack
      4. CAPEC-617: Cellular Rogue Base Station
      5. CAPEC-630: TypoSquatting
      6. CAPEC-631: SoundSquatting
      7. CAPEC-632: Homograph Attack via Homoglyphs
      8. CAPEC-667: Bluetooth Impersonation AttackS (BIAS)
  4. CAPEC-173: Action Spoofing
    1. CAPEC-103: Clickjacking
      1. CAPEC-181: Flash File Overlay
      2. CAPEC-222: iFrame Overlay
    2. CAPEC-501: Android Activity Hijack
    3. CAPEC-504: Task Impersonation
      1. CAPEC-654: Credential Prompt Impersonation
    4. CAPEC-506: Tapjacking
  5. CAPEC-416: Manipulate Human Behavior
    1. CAPEC-407: Pretexting
      1. CAPEC-383: Harvesting Information via API Event Monitoring
      2. CAPEC-412: Pretexting via Customer Service
      3. CAPEC-413: Pretexting via Tech Support
      4. CAPEC-414: Pretexting via Delivery Person
      5. CAPEC-415: Pretexting via Phone
    2. CAPEC-417: Influence Perception
      1. CAPEC-418: Influence Perception of Reciprocation
      2. CAPEC-420: Influence Perception of Scarcity
      3. CAPEC-421: Influence Perception of Authority
      4. CAPEC-422: Influence Perception of Commitment and Consistency
      5. CAPEC-423: Influence Perception of Liking
      6. CAPEC-424: Influence Perception of Consensus or Social Proof
    3. CAPEC-425: Target Influence via Framing
    4. CAPEC-426: Influence via Incentives
    5. CAPEC-427: Influence via Psychological Principles
      1. CAPEC-428: Influence via Modes of Thinking
      2. CAPEC-429: Target Influence via Eye Cues
      3. CAPEC-433: Target Influence via The Human Buffer Overflow
      4. CAPEC-434: Target Influence via Interview and Interrogation
      5. CAPEC-435: Target Influence via Instant Rapport
  6. CAPEC-389: Content Spoofing Via Application API Manipulation
  7. This work is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License. Brett Crawley
  8. LICENSE The MITRE Corporation (MITRE) hereby grants you a non-exclusive, royalty-free license to use Common Attack Pattern Enumeration and Classification (CAPEC™) for research, development, and commercial purposes. Any copy you make for such purposes is authorized provided that you reproduce MITRE’s copyright designation and this license in any such copy. DISCLAIMERS ALL DOCUMENTS AND THE INFORMATION CONTAINED THEREIN ARE PROVIDED ON AN "AS IS" BASIS AND THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE MITRE CORPORATION, ITS BOARD OF TRUSTEES, OFFICERS, AGENTS, AND EMPLOYEES, DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION THEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.