CAPEC-508 Detail

Shoulder Surfing

Abstraction: Detailed
Domain of Attack: Physical Security
Likelihood of Attack: High
Typical Severity: High

Parents: CAPEC-651

Threats: T60 T65 T277 T291 T340 T383 T396

Description

In a shoulder surfing attack, an adversary observes an unaware individual's keystrokes, screen content, or conversations with the goal of obtaining sensitive information. One motive for this attack is to obtain sensitive information about the target for financial, personal, political, or other gains. From an insider threat perspective, an additional motive could be to obtain system/application credentials or cryptographic keys. Shoulder surfing attacks are accomplished by observing the content "over the victim's shoulder", as implied by the name of this attack.

Prerequisites

  1. The adversary typically requires physical proximity to the target's environment, in order to observe their screen or conversation. This may not be the case if the adversary is able to record the target and obtain sensitive information upon review of the recording.

Skills Required

  Low: In most cases, an adversary can simply observe and retain the desired information.

Consequences

  Confidentiality: Read Data

Example Instances

  1. An adversary can capture a target's banking credentials and transfer money to adversary-controlled accounts.
  2. An adversary observes the target's mobile device lock screen pattern/passcode and then steals the device, which can now be unlocked.
  3. An insider could obtain database credentials for an application and sell the credentials on the black market.
  4. An insider overhears a conversation pertaining to classified information, which could then be posted on an anonymous online forum.