CognitiveAttackTaxonomy: Difference between revisions
From Cognitive Attack Taxonomy
No edit summary |
No edit summary |
||
| (9 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
{| class="wikitable sortable" | {| class="wikitable sortable" | ||
|+ '''Cognitive Attack Taxonomy'''<br> | |+ ''' | ||
== Cognitive Attack Taxonomy == | |||
'''<br><br> | |||
|- | |- | ||
! CAT ID !! CAT Name !! Layer !! Category | ! CAT ID !! CAT Name !! Layer !! Category | ||
|- CAT ID CAT Name Layer Category | |- CAT ID CAT Name Layer Category | ||
| CAT-2024- | | CAT-2024-010 || [[QRishing ]] || 8 || TTP | ||
|- | |- | ||
| CAT-2024-006 || [[ | | CAT-2024-007 || [[Need to Correct ]] || 8 || Vulnerability | ||
|- | |||
| CAT-2024-006 || [[Regulatory Capture ]] || 10 || Exploit | |||
|- | |- | ||
| CAT-2024-005 || [[Perjury_Trap ]] || 8, 10 || TTP | | CAT-2024-005 || [[Perjury_Trap ]] || 8, 10 || TTP | ||
| Line 20: | Line 24: | ||
| CAT-2024-008 || [[Positive_Test_Strategy ]] || 8 || Vulnerability | | CAT-2024-008 || [[Positive_Test_Strategy ]] || 8 || Vulnerability | ||
|- | |- | ||
| CAT-2024- | | CAT-2024-011 || [[Hyperstition ]] || 8 || Vulnerability | ||
|- | |- | ||
| CAT-2024-009 || [[Psychological_Chuting ]] || 8 || Exploit | | CAT-2024-009 || [[Psychological_Chuting ]] || 8 || Exploit | ||
| Line 654: | Line 658: | ||
| CAT-2022-025 || [[Brandjacking ]] || 8 || TTP | | CAT-2022-025 || [[Brandjacking ]] || 8 || TTP | ||
|- | |- | ||
| CAT-2022-024 || [[DELETED DUE TO REDUNDANCY ]] || | | CAT-2022-024 || [[DELETED DUE TO REDUNDANCY ]] || || | ||
|- | |- | ||
| CAT-2022-023 || [[Trick_Questions ]] || 8 || TTP | | CAT-2022-023 || [[Trick_Questions ]] || 8 || TTP | ||
| Line 727: | Line 731: | ||
|- | |- | ||
|} | |} | ||
CAT v2025.1 | |||
© 2025 Cognitive Security Institute. Licensed for non-commercial use under CC BY-NC 4.0. | |||
The Cognitive Attack Taxonomy (CAT) is made available under the Creative Commons Attribution–NonCommercial–NoDerivatives 4.0 International License (CC BY-NC-ND 4.0). | |||
This means that you are free to share the Cognitive Attack Taxonomy — copy and redistribute the material in any medium or format — provided that the following conditions are met: | |||
Attribution – You must give appropriate credit to the Cognitive Attack Taxonomy and the Cognitive Security Institute, provide a link to the license, and indicate if changes were made. | |||
NonCommercial – You may not use the material for commercial purposes. | |||
NoDerivatives – If you remix, transform, or build upon the material, you may not distribute the modified material. | |||
The full legal terms of this license can be found here: | |||
https://creativecommons.org/licenses/by-nc-nd/4.0/deed.en | |||
By using or sharing the Cognitive Attack Taxonomy, you agree to comply with the terms of this license. | |||
If you are interested in commercial use, derivative works, partnerships, or expanded licensing, please contact the Cognitive Security Institute to discuss collaboration opportunities. | |||
Latest revision as of 18:51, 12 March 2026
| CAT ID | CAT Name | Layer | Category |
|---|---|---|---|
| CAT-2024-010 | QRishing | 8 | TTP |
| CAT-2024-007 | Need to Correct | 8 | Vulnerability |
| CAT-2024-006 | Regulatory Capture | 10 | Exploit |
| CAT-2024-005 | Perjury_Trap | 8, 10 | TTP |
| CAT-2024-004 | Stroop_Test | 8 | TTP |
| CAT-2024-003 | False_Feedback_Injection | 7 | TTP |
| CAT-2024-002 | Sleeper_Agent_Attack | 7 | TTP |
| CAT-2024-001 | Evil_Eve_Attack | 7 | TTP |
| CAT-2024-008 | Positive_Test_Strategy | 8 | Vulnerability |
| CAT-2024-011 | Hyperstition | 8 | Vulnerability |
| CAT-2024-009 | Psychological_Chuting | 8 | Exploit |
| CAT-2023-018 | Repeated_Exposure | 8 | Exploit |
| CAT-2023-017 | Model_Extraction_Attacks | 7 | TTP |
| CAT-2023-016 | Model_Theft | 7 | TTP |
| CAT-2023-015 | Data_Reconstruction | 7 | Exploit |
| CAT-2023-014 | Model_Inversion_Attack | 7 | Exploit |
| CAT-2023-013 | Membership_Inference_Attack | 7 | Exploit |
| CAT-2023-012 | Adversarial_Examples | 7 | Exploit |
| CAT-2023-011 | Evasion_Attacks | 7 | TTP |
| CAT-2023-010 | Input_Manipulation_Attack | 7 | TTP |
| CAT-2023-009 | Backdoor_Attacks | 7 | TTP |
| CAT-2023-008 | Trigger_Based_Attack | 7 | TTP |
| CAT-2023-007 | Training_Data_Poisoning_Attack | 7 | TTP |
| CAT-2023-006 | Campbell’s_Law | 9 | Vulnerability |
| CAT-2023-005 | Training_Data_Poisoning | 7 | Exploit |
| CAT-2023-004 | Suffix_Injection | 7 | TTP |
| CAT-2023-003 | Sensitive_Information_Disclosure | 8 | Vulnerability |
| CAT-2023-002 | Prompt_Injection | 7 | TTP |
| CAT-2023-001 | Overreliance_on_Automation | 8 | Vulnerability |
| CAT-2022-321 | Impulsivity | 8 | Vulnerability |
| CAT-2022-320 | Excessive_Agency | 8 | Vulnerability |
| CAT-2022-319 | Emoji_Injection | 7, 8 | TTP |
| CAT-2022-318 | Culture_Jamming | 8 | TTP |
| CAT-2022-317 | Chain-Of-Thought_Manipulation | 7 | TTP |
| CAT-2022-316 | Network_Ambiance_Attack | 8 | TTP |
| CAT-2022-315 | Maskarovka | 8 | TTP |
| CAT-2022-314 | Reflexive_Control | 8 | TTP |
| CAT-2022-313 | Zone_Flooding | 8 | TTP |
| CAT-2022-312 | Incrementalism | 8, 9 | Exploit |
| CAT-2022-311 | Compliance-Ladder | 8 | TTP |
| CAT-2022-310 | Yes-Ladder | 8 | TTP |
| CAT-2022-309 | Wing | 8 | TTP |
| CAT-2022-308 | Whorfian_Attack | 8 | Exploit |
| CAT-2022-307 | Venue_Change | 8 | TTP |
| CAT-2022-306 | Trance-Words | 8 | TTP |
| CAT-2022-305 | Tainted_Leak | 8 | TTP |
| CAT-2022-304 | Social_Engineering_Toolkit | 8 | TTP |
| CAT-2022-303 | Slander_Attack | 8 | TTP |
| CAT-2022-302 | Sandbagging | 8 | TTP |
| CAT-2022-301 | Reframing | 8 | TTP |
| CAT-2022-300 | Prop | 8 | TTP |
| CAT-2022-299 | Preloading | 8 | TTP |
| CAT-2022-298 | Pendant_Anchoring | 8 | TTP |
| CAT-2022-297 | Open-Ended_Question | 8 | TTP |
| CAT-2022-296 | Negging | 8 | TTP |
| CAT-2022-295 | Multi-Channel_Attack | 8 | TTP |
| CAT-2022-294 | Mirroring | 8 | TTP |
| CAT-2022-293 | Micro_Expression | 8 | Vulnerability |
| CAT-2022-292 | Maltego | 8 | Tool / TTP |
| CAT-2022-291 | Leading_Question | 8 | TTP |
| CAT-2022-290 | Journobaiting | 8 | TTP |
| CAT-2022-289 | Ice_Breaker | 8 | TTP |
| CAT-2022-288 | Hot_Reading | 8 | TTP |
| CAT-2022-287 | Honey_Channels | 8 | TTP |
| CAT-2022-286 | Functional_Opener | 8 | TTP |
| CAT-2022-285 | Forcing | 8 | Exploit |
| CAT-2022-284 | Firehose_of_Falsehood | 8 | TTP |
| CAT-2022-283 | False_Time_Constraint | 8 | TTP |
| CAT-2022-282 | False_Flag | 8 | TTP |
| CAT-2022-281 | Eject_with_Explanation | 8 | TTP |
| CAT-2022-280 | Double_Switch | 8 | TTP |
| CAT-2022-279 | Deception-in-Depth | 8, 9 | TTP |
| CAT-2022-278 | Conversational_Threading | 8 | TTP |
| CAT-2022-277 | Cold_Reading | 8 | TTP |
| CAT-2022-276 | Buscador | 8 | Tool / TTP |
| CAT-2022-275 | Brushing | 8, 9 | TTP |
| CAT-2022-274 | Baiting-Trolling | 8 | TTP |
| CAT-2022-273 | Anchor-NLP_Technique | 8 | TTP |
| CAT-2022-272 | Active_Indicator_Probe | 8 | TTP |
| CAT-2022-271 | Accomplished_Introduction | 8 | TTP |
| CAT-2022-270 | Operant_Conditioning | 8 | Exploit |
| CAT-2022-269 | Neoteny | 8 | Vulnerability |
| CAT-2022-268 | Need | 8 | Vulnerability |
| CAT-2022-267 | Need_&_Greed_Attack | 8 | Exploit |
| CAT-2022-266 | Fear | 8 | Vulnerability |
| CAT-2022-265 | Jolly_Roger_Bot | 8 | Tool / TTP |
| CAT-2022-264 | eWhoring | 8 | TTP |
| CAT-2022-263 | Synthetic_Media_Social_Engineering | 8 | TTP |
| CAT-2022-262 | Deepfake_Social_Engineering | 8 | TTP |
| CAT-2022-261 | Virus_Hoax | 8 | TTP |
| CAT-2022-260 | Virtual_Kidnapping | 8 | TTP |
| CAT-2022-259 | Telemarketing_Scam | 8 | TTP |
| CAT-2022-258 | Tech_Support_Scam | 8 | TTP |
| CAT-2022-257 | Romance_Scam | 8 | TTP |
| CAT-2022-256 | Hoax_Virus | 8 | TTP |
| CAT-2022-255 | Gift-Card_Scam | 8 | TTP |
| CAT-2022-254 | Crab_Phishing | 8 | TTP |
| CAT-2022-253 | Cat_Fishing | 8 | TTP |
| CAT-2022-252 | Business_Email_Compromise | 8, 9 | TTP |
| CAT-2022-251 | Advance_Fee_Scam | 8 | TTP |
| CAT-2022-250 | War_Shipping | 8, 9 | TTP |
| CAT-2022-249 | Tailgating | 8 | TTP |
| CAT-2022-248 | Snail_Mail_Attack | 8 | TTP |
| CAT-2022-247 | Shoulder_Surfing | 8 | TTP |
| CAT-2022-246 | Dumpster_Diving | 8, 9 | TTP |
| CAT-2022-245 | Baiting-Drop | 8 | TTP |
| CAT-2022-244 | Assistance_Ploy | 8 | Exploit |
| CAT-2022-243 | Robot_Social_Engineering | 8 | TTP |
| CAT-2022-242 | Dolphin_Attack | 8 | Exploit |
| CAT-2022-241 | Acoustic_Attack | 8 | TTP |
| CAT-2022-240 | Robo_Calling | 8 | TTP |
| CAT-2022-239 | Spamigation | 10 | TTP |
| CAT-2022-238 | Strategic_Lawsuit_Against_Public_Participation | 10 | TTP |
| CAT-2022-237 | Patent_Trolling | 10 | TTP |
| CAT-2022-236 | Legal_Loophole | 10 | Vulnerability |
| CAT-2022-235 | Lawfare | 10 | Exploit |
| CAT-2022-234 | Supply_Chain_Attack | 9 | Exploit |
| CAT-2022-233 | Shadow_Security | 9 | Vulnerability |
| CAT-2022-232 | Shadow_IT | 9 | Vulnerability |
| CAT-2022-231 | Shadow_AP | 9 | Vulnerability |
| CAT-2022-230 | Escalation_Attack | 9 | TTP |
| CAT-2022-229 | Cybersquatting | 9 | TTP |
| CAT-2022-228 | Spectrum_of_Allies | 8 | TTP |
| CAT-2022-227 | Unity | 8 | Vulnerability |
| CAT-2022-226 | Social_Proof | 8 | Vulnerability |
| CAT-2022-225 | Scarcity | 8 | Vulnerability |
| CAT-2022-224 | Reversing_Authority | 8 | TTP |
| CAT-2022-223 | Reciprocity-Need_for | 8 | Vulnerability |
| CAT-2022-222 | Pawn-Pivot | 8 | TTP |
| CAT-2022-221 | Party_Crashing | 8 | TTP |
| CAT-2022-220 | Liking | 8 | Vulnerability |
| CAT-2022-219 | Door-in-the-Face_Technique | 8 | TTP |
| CAT-2022-218 | Commitment-Consistency | 8 | Vulnerability |
| CAT-2022-217 | Bandwagon_Effect | 8 | Exploit |
| CAT-2022-216 | Authority-Deference_to | 8 | Vulnerability |
| CAT-2022-215 | Assistance-Need_to_Provide | 8 | Vulnerability |
| CAT-2022-214 | Network_Affect_Contagion | 7, 8 | Vulnerability |
| CAT-2022-213 | Wall_Banging | 8 | TTP |
| CAT-2022-212 | Trolling | 8 | TTP |
| CAT-2022-211 | Trevor's_Axiom | 8 | Exploit |
| CAT-2022-210 | Sympathy | 8 | Vulnerability |
| CAT-2022-209 | Streisand_Effect | 8 | Vulnerability |
| CAT-2022-208 | Stereotyping | 8 | Vulnerability |
| CAT-2022-207 | Social_Desirability_Bias | 8 | Vulnerability |
| CAT-2022-206 | Outgroup_Homogeneity_Bias | 8 | Vulnerability |
| CAT-2022-205 | Network_Manipulated_Affect | 8 | Vulnerability |
| CAT-2022-204 | Mass_Psychogenic_Illness | 8 | Vulnerability |
| CAT-2022-203 | Ingroup_Bias | 8 | Vulnerability |
| CAT-2022-202 | Zombification | 8 | Exploit |
| CAT-2022-201 | Strobe_Attack | 8 | TTP |
| CAT-2022-200 | Sonic_Area_Denial | 8 | TTP |
| CAT-2022-199 | P300_Guilty_Knowledge_Test | 8 | TTP |
| CAT-2022-198 | Interoceptive_Bias | 8 | Vulnerability |
| CAT-2022-197 | Tab-Napping | 8 | TTP |
| CAT-2022-196 | Prevalence_Paradox | 8 | Vulnerability |
| CAT-2022-195 | Noise_Injection | 8, 9 | TTP |
| CAT-2022-194 | Human_Buffer_Overflow | 8 | Exploit |
| CAT-2022-193 | Gray_Signal_Attacks | 8 | TTP |
| CAT-2022-192 | Focusing_Effect | 8 | Vulnerability |
| CAT-2022-191 | Distracted_Approach-Distraction | 8 | TTP |
| CAT-2022-190 | Boredom | 8 | Vulnerability |
| CAT-2022-189 | Automaticity | 8 | Vulnerability |
| CAT-2022-188 | Video_Puppetry | 8 | TTP |
| CAT-2022-187 | Social_Jacking | 8 | TTP |
| CAT-2022-186 | Perceptual_Deception | 8 | Vulnerability |
| CAT-2022-185 | Like_Jacking | 8 | TTP |
| CAT-2022-184 | IDN_Homograph_Attack | 8 | TTP |
| CAT-2022-183 | Clickjacking | 8 | TTP |
| CAT-2022-182 | Traitor_Tracing | 8 | TTP |
| CAT-2022-181 | Ignorance | 8 | Vulnerability |
| CAT-2022-180 | File_Masquerading | 8, 9 | TTP |
| CAT-2022-179 | We_Know_All | 8 | TTP |
| CAT-2022-178 | Silence | 8 | TTP |
| CAT-2022-177 | Sensory_Matching | 8 | TTP |
| CAT-2022-176 | Secret_Knowledge | 8 | TTP |
| CAT-2022-175 | Rubber-Hose_Cryptanalysis | 8 | Exploit |
| CAT-2022-174 | Repetition | 8 | TTP |
| CAT-2022-173 | Repeat-a-Word | 8 | TTP |
| CAT-2022-172 | Rapid_Fire | 8 | TTP |
| CAT-2022-171 | Quid_Pro_Quo | 8 | TTP |
| CAT-2022-170 | Provocative_Statement | 8 | TTP |
| CAT-2022-169 | Pride_and_Ego_Approach | 8 | TTP |
| CAT-2022-168 | Oblique_Reference | 8 | TTP |
| CAT-2022-167 | Neuro-Linguistic_Programming | 8 | Exploit |
| CAT-2022-166 | Naïve_Mentality | 8 | TTP |
| CAT-2022-165 | Incentive_Approach | 8 | TTP |
| CAT-2022-164 | Hour_Glass_Method | 8 | TTP |
| CAT-2022-163 | Futility | 8 | TTP |
| CAT-2022-162 | Flattery | 8 | TTP |
| CAT-2022-161 | File_and_Dossier | 8 | TTP |
| CAT-2022-160 | Fear-Up_Approach | 8 | TTP |
| CAT-2022-159 | Fear-Down_Approach | 8 | TTP |
| CAT-2022-158 | Ethical_Dilemma | 8 | TTP |
| CAT-2022-157 | Establish_Your_Identity | 8 | TTP |
| CAT-2022-156 | Emotional_Approach | 8 | TTP |
| CAT-2022-155 | Elicitation_of_Information | 8 | TTP |
| CAT-2022-154 | Disbelief | 8 | TTP |
| CAT-2022-153 | Direct_Approach | 8 | TTP |
| CAT-2022-152 | Deliberate_False_Statement | 8 | TTP |
| CAT-2022-151 | Criticism | 8 | TTP |
| CAT-2022-150 | Complaining-Tendency | 8 | Vulnerability |
| CAT-2022-149 | Change_of_Scene | 8 | TTP |
| CAT-2022-148 | Whaling | 8 | TTP |
| CAT-2022-147 | Tailored_Messaging | 8 | TTP |
| CAT-2022-146 | Sniper_Ad_Targeting | 8 | TTP |
| CAT-2022-145 | Pluridentity_Attack | 7,8,9,10 | Exploit |
| CAT-2022-144 | Inference_Attack | 7,8,9,10 | Exploit |
| CAT-2022-143 | Data_Vulnerability | 8 | Vulnerability |
| CAT-2022-142 | Vishing | 8 | TTP |
| CAT-2022-141 | Spear_Phishing | 8 | TTP |
| CAT-2022-140 | Sock-Puppetry | 8 | TTP |
| CAT-2022-139 | SMSishing | 8 | TTP |
| CAT-2022-138 | Shilling_Attack | 9 | TTP |
| CAT-2022-137 | Shill | 8 | TTP |
| CAT-2022-136 | Semantic_Attack | 7, 8, 9 | Exploit |
| CAT-2022-135 | Scambaiting | 8 | TTP |
| CAT-2022-134 | Reverse_Social_Engineering | 8 | TTP |
| CAT-2022-133 | Pretext-Pretexting | 8 | TTP |
| CAT-2022-132 | Phishing | 8 | TTP |
| CAT-2022-131 | Impersonation_Scam | 8 | TTP |
| CAT-2022-130 | Honey_Trap | 8 | TTP |
| CAT-2022-129 | Honey_Token | 8 | TTP |
| CAT-2022-128 | Honey_Pot | 8 | TTP |
| CAT-2022-127 | Honey_Phish | 8 | TTP |
| CAT-2022-126 | Greenwashing | 8 | TTP |
| CAT-2022-125 | Gaslighting | 8 | TTP |
| CAT-2022-124 | Cognitive_Malware_Injection | 8 | TTP |
| CAT-2022-123 | Clone_Phishing | 8 | TTP |
| CAT-2022-122 | Astro-Turfing | 8 | TTP |
| CAT-2022-121 | Transmission_Error | 8 | Vulnerability |
| CAT-2022-120 | Mis-Addressed_Email | 8 | Vulnerability |
| CAT-2022-119 | Loss_Error | 8 | Vulnerability |
| CAT-2022-118 | Leakage_Errors | 8 | Vulnerability |
| CAT-2022-117 | Disposal_Errors | 8 | Vulnerability |
| CAT-2022-116 | Configuration_Error | 8 | Vulnerability |
| CAT-2022-115 | Curiosity | 8 | Vulnerability |
| CAT-2022-114 | Zeigarnik_Effect | 8 | Vulnerability |
| CAT-2022-113 | Whorfianism | 8 | Vulnerability |
| CAT-2022-112 | von_Restorff_Effect | 8 | Vulnerability |
| CAT-2022-111 | Unfinished-Magnetizer | 8 | Exploit |
| CAT-2022-110 | Suggestion | 8 | TTP |
| CAT-2022-109 | Subjective_Validation | 8 | Vulnerability |
| CAT-2022-108 | Straw_Man-Argument | 8 | TTP |
| CAT-2022-107 | Status_Quo_Bias | 8 | Vulnerability |
| CAT-2022-106 | Spotlight_Effect | 8 | Vulnerability |
| CAT-2022-105 | Spacing_Effect | 8 | Exploit |
| CAT-2022-104 | Source_Monitoring_Error | 8 | Vulnerability |
| CAT-2022-103 | Serial_Position_Effect | 8 | Vulnerability |
| CAT-2022-102 | Self-Serving_Bias | 8 | Vulnerability |
| CAT-2022-101 | Self-Relevance_Effect | 8 | Vulnerability |
| CAT-2022-100 | Search_Engine_Manipulation_Effect | 8 | Exploit |
| CAT-2022-099 | Satisficing | 8 | Vulnerability |
| CAT-2022-098 | Risk_Homeostasis | 8 | Vulnerability |
| CAT-2022-097 | Relativism | 8 | Vulnerability |
| CAT-2022-096 | Probability_Blindness | 8 | Vulnerability |
| CAT-2022-095 | Pre-Suasion | 8 | Exploit |
| CAT-2022-094 | Planning_Fallacy | 8 | Vulnerability |
| CAT-2022-093 | Peak-End_Rule | 8 | Vulnerability |
| CAT-2022-092 | Overconfidence | 8 | Vulnerability |
| CAT-2022-091 | Optimism_Bias | 8 | Vulnerability |
| CAT-2022-090 | Omission_Bias | 8 | Vulnerability |
| CAT-2022-089 | Next-In-Line-Effect | 8 | Vulnerability |
| CAT-2022-088 | Neglect_of_Probability | 8 | Vulnerability |
| CAT-2022-087 | Negativity_Bias | 8 | Vulnerability |
| CAT-2022-086 | Narrative_Influence | 8 | Exploit |
| CAT-2022-085 | Mystery_Magnetizer | 8 | Exploit |
| CAT-2022-084 | Mother_Teresa_Effect | 8 | Vulnerability |
| CAT-2022-083 | Mood-Congruent_Memory | 8 | Vulnerability |
| CAT-2022-082 | Mental_Set | 8 | Vulnerability |
| CAT-2022-081 | Malware-Induced_Misperception_Attack | 8 | TTP |
| CAT-2022-080 | Self-Relevance-Magnetizer | 8 | Exploit |
| CAT-2022-079 | Loss_Aversion | 8 | Vulnerability |
| CAT-2022-078 | Levels-of-Processing_Effect | 8 | Vulnerability |
| CAT-2022-077 | Leveling_and_Sharpening | 8 | Vulnerability |
| CAT-2022-076 | Involuntary_Musical_Imagery | 8 | Exploit |
| CAT-2022-075 | Involuntary_Memory | 8 | Vulnerability |
| CAT-2022-074 | Inoculation_Effect | 8 | Exploit |
| CAT-2022-073 | Illusory_Correlation | 8 | Vulnerability |
| CAT-2022-072 | Illusion_of_Control | 8 | Vulnerability |
| CAT-2022-071 | IKEA_Effect | 8 | Vulnerability |
| CAT-2022-070 | Hyperbolic_Discounting | 8 | Vulnerability |
| CAT-2022-069 | Hindsight_Bias | 8 | Vulnerability |
| CAT-2022-068 | Halo_Effect | 8 | Vulnerability |
| CAT-2022-067 | Gambler's_Fallacy | 8 | Vulnerability |
| CAT-2022-066 | Fundamental_Attribution_Error | 8 | Vulnerability |
| CAT-2022-065 | Functional_Fixedness | 8 | Vulnerability |
| CAT-2022-064 | Frequency_Illusion | 8 | Vulnerability |
| CAT-2022-063 | Framing_Effect | 8 | Vulnerability |
| CAT-2022-062 | Foot-In-the-Door_Technique | 8 | TTP |
| CAT-2022-061 | Fear_of_Missing_Out | 8 | Exploit |
| CAT-2022-060 | False_Uniqueness_Bias | 8 | Vulnerability |
| CAT-2022-059 | False_Memory | 8 | Vulnerability |
| CAT-2022-058 | False_Consensus_Effect | 8 | Vulnerability |
| CAT-2022-057 | Endowment_Effect | 8 | Vulnerability |
| CAT-2022-056 | Egocentric_Bias | 8 | Vulnerability |
| CAT-2022-055 | Ear_Worm | 8 | Exploit |
| CAT-2022-054 | Dunning–Kruger_Effect | 8 | Vulnerability |
| CAT-2022-053 | Dread_Aversion | 8 | Vulnerability |
| CAT-2022-052 | Default_Bias | 8 | Vulnerability |
| CAT-2022-051 | Decoy_Effect | 8 | Exploit |
| CAT-2022-050 | Decision_Fatigue | 8 | Vulnerability |
| CAT-2022-049 | Context_Dependent_Memory | 8 | Vulnerability |
| CAT-2022-048 | Confirmation_Bias | 8 | Vulnerability |
| CAT-2022-047 | Cognitive_Malware | 8 | Exploit |
| CAT-2022-046 | Cognitive_Dissonance | 8 | Vulnerability |
| CAT-2022-045 | Cognitive_Deception | 8 | Exploit |
| CAT-2022-044 | Clustering_Illusion | 8 | Vulnerability |
| CAT-2022-043 | Classical_Conditioning | 8 | Exploit |
| CAT-2022-042 | Ben_Franklin_Effect | 8 | Exploit |
| CAT-2022-041 | Belief_Bias | 8 | Vulnerability |
| CAT-2022-040 | Base_Rate_Neglect | 8 | Vulnerability |
| CAT-2022-039 | Barnum_Statement | 8 | TTP |
| CAT-2022-038 | Availability_Heuristic | 8 | Vulnerability |
| CAT-2022-037 | Anchoring | 8 | Vulnerability |
| CAT-2022-036 | Ambiguous_Self_Induced_Disinformation_Attack | 8 | TTP |
| CAT-2022-035 | Ambient_Tactical_Deception_Attacks | 8 | TTP |
| CAT-2022-034 | Actor-Observer_Bias | 8 | Vulnerability |
| CAT-2022-033 | Wikijacking | 8 | TTP |
| CAT-2022-032 | Wi-Fi_Evil_Twin | 8 | TTP |
| CAT-2022-031 | Water_Hole_Attack | 8 | TTP |
| CAT-2022-030 | Typosquatting | 8 | TTP |
| CAT-2022-029 | Social_Phishing | 8 | TTP |
| CAT-2022-028 | Lateral_Phishing | 8 | TTP |
| CAT-2022-027 | Fluency_Effect | 8 | Vulnerability |
| CAT-2022-026 | Familiarity | 8 | Vulnerability |
| CAT-2022-025 | Brandjacking | 8 | TTP |
| CAT-2022-024 | DELETED DUE TO REDUNDANCY | ||
| CAT-2022-023 | Trick_Questions | 8 | TTP |
| CAT-2022-022 | Spam | 8 | TTP |
| CAT-2022-021 | Sneak_into_Basket | 8 | TTP |
| CAT-2022-020 | Scareware | 8 | TTP |
| CAT-2022-019 | Roach_Motel | 8 | TTP |
| CAT-2022-018 | Privacy_Zuckering | 8 | TTP |
| CAT-2022-017 | Price_Comparison_Prevention | 8 | TTP |
| CAT-2022-016 | Persuasive_Technology | 8 | TTP |
| CAT-2022-015 | Mouse-Trapping | 8 | TTP |
| CAT-2022-014 | Misdirection-Distraction | 8 | Exploit |
| CAT-2022-013 | Malvertisement | 8 | TTP |
| CAT-2022-012 | Hidden_Costs | 8 | TTP |
| CAT-2022-011 | Friend_Spam | 8 | TTP |
| CAT-2022-010 | Forced_Continuity | 8 | TTP |
| CAT-2022-009 | Disguised_Ads | 8 | TTP |
| CAT-2022-008 | Dark_Design_Patterns | 8 | TTP |
| CAT-2022-007 | Confirm_Shaming | 8 | TTP |
| CAT-2022-006 | Click-Bait | 8 | TTP |
| CAT-2022-005 | Bait_and_Switch | 8 | TTP |
| CAT-2022-004 | Addictive_Technology | 8 | TTP |
| CAT-2022-003 | Nudging | 8 | TTP |
| CAT-2022-002 | Forcing_Function | 8 | TTP |
| CAT-2022-001 | Fogg_Model_of_Behavior | 8 | Tool / TTP |
| CAT-2021-010 | Excitement-Appeal_to | 8 | Exploit |
| CAT-2021-009 | Low_Agreeableness | 8 | Vulnerability |
| CAT-2021-008 | Low_Extraversion | 8 | Vulnerability |
| CAT-2021-007 | Low_Conscientiousness | 8 | Vulnerability |
| CAT-2021-012 | Reciprocation | 8 | Exploit |
| CAT-2021-011 | Authority | 8 | Exploit |
| CAT-2021-006 | Low_Openness | 8 | Vulnerability |
| CAT-2021-005 | High_Neuroticism | 8 | Vulnerability |
| CAT-2021-004 | High_Agreeableness | 8 | Vulnerability |
| CAT-2021-003 | High_Extraversion | 8 | Vulnerability |
| CAT-2021-002 | High_Conscientiousness | 8 | Vulnerability |
| CAT-2021-001 | High_Openness | 8 | Vulnerability |
CAT v2025.1 © 2025 Cognitive Security Institute. Licensed for non-commercial use under CC BY-NC 4.0.
The Cognitive Attack Taxonomy (CAT) is made available under the Creative Commons Attribution–NonCommercial–NoDerivatives 4.0 International License (CC BY-NC-ND 4.0).
This means that you are free to share the Cognitive Attack Taxonomy — copy and redistribute the material in any medium or format — provided that the following conditions are met:
Attribution – You must give appropriate credit to the Cognitive Attack Taxonomy and the Cognitive Security Institute, provide a link to the license, and indicate if changes were made.
NonCommercial – You may not use the material for commercial purposes.
NoDerivatives – If you remix, transform, or build upon the material, you may not distribute the modified material.
The full legal terms of this license can be found here: https://creativecommons.org/licenses/by-nc-nd/4.0/deed.en
By using or sharing the Cognitive Attack Taxonomy, you agree to comply with the terms of this license.
If you are interested in commercial use, derivative works, partnerships, or expanded licensing, please contact the Cognitive Security Institute to discuss collaboration opportunities.
