Social Engineering Attacks: How to Prevent

Lilit Manukyan, Mariam Gevorgyan

Brusov State University, Yerevan, Armenia;
French University in Armenia, Yerevan, Armenia; Institute for Physical Research, NAS of Armenia, Yerevan, Armenia

Cite: Manukyan L., Gevorgyan M. Social Engineering Attacks: How to Prevent. JDS, 6(1), 28-35, (2024). https://doi.org/10.33847/2686-8296.6.1_3

Abstract. We present the pervasive threat of social engineering attacks in cyber security. The article explores interdisciplinary perspectives, such as psychology and information technology, and the types, sequence and traits of social engineering attacks. Through an in-depth analysis of social engineering attacks, this paper aims to raise awareness about the evolving threat landscape and provides actionable strategies for effective prevention. Nowadays, social engineering attacks are a critically important concern for all mobile and computer users. Beyond spotting an attack, one can also be proactive about privacy and security. Keeping your devices themselves secure is just as important as all your other digital behaviors. 90% of cyber attacks involve social engineering. “Human hacking” scams tend to lure unsuspecting users into exposing data, spreading malware infections, or giving access to restricted systems. In this article we present social engineering as a pervasive and growing threat, covering interdisciplinary perspectives such as psychology and information technology, and the attack types, sequence and traits. We therefore study social engineering attacks and ways of preventing them.
Keywords: Social Engineering, Social Engineering Attacks, Interdisciplinary view of social engineering, Psychology of information security, Human Error, Cyber Security. 

Published online 27.06.2024