Abstract
Social engineering relies on human vulnerability to exploit system security. Social engineering attacks are relatively harder to protect against as they mainly target the user, and not just hardware or software system defenses. End user awareness can be considered as one of the simplest yet most effective ways to protect the end user against social engineering vectors. The present study ascertains the level of user susceptibility to social engineering attacks in a cooperating corporate organization. Two attack scenarios, a spear-phishing campaign and a physical intrusion vector were designed targeting the organization's user population (employees) based on publicly available information from the Internet. Clues relating to social engineering techniques were included in the attacks to alert suspicious users. Despite the revealing signs of a social engineering campaign, the results indicated that a significantly high proportion (46-60%) of the users fell prey and failed to identify the attacks. It was observed that lack of user awareness remained the primary cause of the success of the attacks, requiring corrective action through post-incident training and regular IT security drills.
Original language | English |
---|---|
Title of host publication | Proceedings 2017 13th International Conference on Emerging Technologies |
Publisher | Institute of Electrical and Electronics Engineers |
Number of pages | 6 |
ISBN (Electronic) | 978-1-5386-2260-5 , 978-1-5386-2259-9 , 978-1-5386-2261-2 |
DOIs | |
Publication status | Published - 8 Feb 2018 |
Externally published | Yes |
Event | 2017 13th International Conference on Emerging Technologies - Islamabad, Pakistan Duration: 27 Dec 2017 → 28 Dec 2017 Conference number: 13th |
Publication series
Name | 2017 13th International Conference on Emerging Technologies (ICET) |
---|
Conference
Conference | 2017 13th International Conference on Emerging Technologies |
---|---|
Abbreviated title | ICET2017 |
Country/Territory | Pakistan |
City | Islamabad |
Period | 27/12/17 → 28/12/17 |