Malicious scammers and social engineers are causing great harms to modern society. Knowledge about social engineering (SE) is wide-spread and it exits in non-academic papers and communication channels. Knowledge is mostly based on expert opinion and experience reports. Such knowledge, if articulated, can provide a valid source of knowledge and information. We performed the analysis of such sources and adopted grounded theory to extract the general knowledge behind SE. The study aims to understand the rationale of social engineers, capture the knowledge of SE attacks and extract important information from the sources, propose an activity for counteracting SE attacks, and how it can be used in security education.
The Impact of Workload on Phishing Susceptibility: An Experiment
Phishing is when social engineering is used to deceive a person into sharing sensitive information or downloading...