masquerade

A type of threat action whereby an unauthorized entity gains access to a system or performs a malicious act by illegitimately posing as an authorized entity. (See: deception.)

Usage: This type of threat action includes the following subtypes:

• "Spoof": Attempt by an unauthorized entity to gain access to a system by posing as an authorized user.
• "Malicious logic": In context of masquerade, any hardware, firmware, or software (e.g., Trojan horse) that appears to perform a useful or desirable function, but actually gains unauthorized access to system resources or tricks a user into executing other malicious logic. (See: corruption, incapacitation, main entry for "malicious logic", misuse.)