TY - JOUR
T1 - User characteristics that influence judgment of social engineering attacks in social networks
AU - Albladi, Samar Muslah
AU - Weir, George R.S.
PY - 2018/2/28
Y1 - 2018/2/28
N2 - Social engineering is a growing source of information security concern. Exploits appear to evolve, with increasing levels of sophistication, in order to target multiple victims. Despite increased concern with this risk, there has been little research activity focused upon social engineering in the potentially rich hunting ground of social networks. In this setting, factors that influence users’ proficiency in threat detection need to be understood if we are to build a profile of susceptible users, develop suitable advice and training programs, and generally help address this issue for those individuals most likely to become targets of social engineering in social networks. To this end, the present study proposes and validates a user-centric framework based on four perspectives: socio-psychological, habitual, socio-emotional, and perceptual. Previous research tends to rely on selected aspects of these perspectives and has not combined them into a single model for a more cohesive understanding of user’s susceptibility.
AB - Social engineering is a growing source of information security concern. Exploits appear to evolve, with increasing levels of sophistication, in order to target multiple victims. Despite increased concern with this risk, there has been little research activity focused upon social engineering in the potentially rich hunting ground of social networks. In this setting, factors that influence users’ proficiency in threat detection need to be understood if we are to build a profile of susceptible users, develop suitable advice and training programs, and generally help address this issue for those individuals most likely to become targets of social engineering in social networks. To this end, the present study proposes and validates a user-centric framework based on four perspectives: socio-psychological, habitual, socio-emotional, and perceptual. Previous research tends to rely on selected aspects of these perspectives and has not combined them into a single model for a more cohesive understanding of user’s susceptibility.
KW - deception
KW - information security
KW - phishing
KW - social engineering
KW - social network
UR - http://www.scopus.com/inward/record.url?scp=85042652340&partnerID=8YFLogxK
U2 - 10.1186/s13673-018-0128-7
DO - 10.1186/s13673-018-0128-7
M3 - Article
AN - SCOPUS:85042652340
VL - 8
JO - Human-centric Computing and Information Sciences
JF - Human-centric Computing and Information Sciences
SN - 2192-1962
IS - 1
M1 - 5
ER -