Investigating the Experience of Social Engineering Victims: Exploratory and User Testing Study
<p dir="ltr">The advent of mobile technologies and social network applications has led to an increase in malicious scams and social engineering (SE) attacks which are causing loss of money and breaches of personal information. Understanding how SE attacks spread can provide useful in...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | , |
| Published: |
2021
|
| Subjects: | |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1864513506112438272 |
|---|---|
| author | Bilikis Banire (14158833) |
| author2 | Dena Al Thani (14149995) Yin Yang (35103) |
| author2_role | author author |
| author_facet | Bilikis Banire (14158833) Dena Al Thani (14149995) Yin Yang (35103) |
| author_role | author |
| dc.creator.none.fl_str_mv | Bilikis Banire (14158833) Dena Al Thani (14149995) Yin Yang (35103) |
| dc.date.none.fl_str_mv | 2021-11-06T03:00:00Z |
| dc.identifier.none.fl_str_mv | 10.3390/electronics10212709 |
| dc.relation.none.fl_str_mv | https://figshare.com/articles/journal_contribution/Investigating_the_Experience_of_Social_Engineering_Victims_Exploratory_and_User_Testing_Study/26946277 |
| dc.rights.none.fl_str_mv | CC BY 4.0 info:eu-repo/semantics/openAccess |
| dc.subject.none.fl_str_mv | Information and computing sciences Artificial intelligence Cybersecurity and privacy Human-centred computing social engineering exploratory study grounded theory user testing study |
| dc.title.none.fl_str_mv | Investigating the Experience of Social Engineering Victims: Exploratory and User Testing Study |
| dc.type.none.fl_str_mv | Text Journal contribution info:eu-repo/semantics/publishedVersion text contribution to journal |
| description | <p dir="ltr">The advent of mobile technologies and social network applications has led to an increase in malicious scams and social engineering (SE) attacks which are causing loss of money and breaches of personal information. Understanding how SE attacks spread can provide useful information in curbing them. Artificial Intelligence (AI) has demonstrated efficacy in detecting SE attacks, but the acceptability of such a detection approach is yet to be investigated across users with different levels of SE awareness. This paper conducted two studies: (1) exploratory study where qualitative data were collected from 20 victims of SE attacks to inform the development of an AI-based tool for detecting fraudulent messages; and (2) a user testing study with 48 participants with different occupations to determine the detection tool acceptability. Overall, six major themes emerged from the victims’ actions “experiences: reasons for falling for attacks; attack methods; advice on preventing attacks; detection methods; attack context and victims”. The user testing study showed that the AI-based tool was accepted by all users irrespective of their occupation. The categories of users’ occupations can be attributed to the level of SE awareness. Information security awareness should not be limited to organizational levels but extend to social media platforms as public information.</p><h2>Other Information</h2><p dir="ltr">Published in: Electronics<br>License: <a href="https://creativecommons.org/licenses/by/4.0/" target="_blank">https://creativecommons.org/licenses/by/4.0/</a><br>See article on publisher's website: <a href="https://dx.doi.org/10.3390/electronics10212709" target="_blank">https://dx.doi.org/10.3390/electronics10212709</a></p> |
| eu_rights_str_mv | openAccess |
| id | Manara2_476363ff4e32151a179bce547044678e |
| identifier_str_mv | 10.3390/electronics10212709 |
| network_acronym_str | Manara2 |
| network_name_str | Manara2 |
| oai_identifier_str | oai:figshare.com:article/26946277 |
| publishDate | 2021 |
| repository.mail.fl_str_mv | |
| repository.name.fl_str_mv | |
| repository_id_str | |
| rights_invalid_str_mv | CC BY 4.0 |
| spelling | Investigating the Experience of Social Engineering Victims: Exploratory and User Testing StudyBilikis Banire (14158833)Dena Al Thani (14149995)Yin Yang (35103)Information and computing sciencesArtificial intelligenceCybersecurity and privacyHuman-centred computingsocial engineeringexploratory studygrounded theoryuser testing study<p dir="ltr">The advent of mobile technologies and social network applications has led to an increase in malicious scams and social engineering (SE) attacks which are causing loss of money and breaches of personal information. Understanding how SE attacks spread can provide useful information in curbing them. Artificial Intelligence (AI) has demonstrated efficacy in detecting SE attacks, but the acceptability of such a detection approach is yet to be investigated across users with different levels of SE awareness. This paper conducted two studies: (1) exploratory study where qualitative data were collected from 20 victims of SE attacks to inform the development of an AI-based tool for detecting fraudulent messages; and (2) a user testing study with 48 participants with different occupations to determine the detection tool acceptability. Overall, six major themes emerged from the victims’ actions “experiences: reasons for falling for attacks; attack methods; advice on preventing attacks; detection methods; attack context and victims”. The user testing study showed that the AI-based tool was accepted by all users irrespective of their occupation. The categories of users’ occupations can be attributed to the level of SE awareness. Information security awareness should not be limited to organizational levels but extend to social media platforms as public information.</p><h2>Other Information</h2><p dir="ltr">Published in: Electronics<br>License: <a href="https://creativecommons.org/licenses/by/4.0/" target="_blank">https://creativecommons.org/licenses/by/4.0/</a><br>See article on publisher's website: <a href="https://dx.doi.org/10.3390/electronics10212709" target="_blank">https://dx.doi.org/10.3390/electronics10212709</a></p>2021-11-06T03:00:00ZTextJournal contributioninfo:eu-repo/semantics/publishedVersiontextcontribution to journal10.3390/electronics10212709https://figshare.com/articles/journal_contribution/Investigating_the_Experience_of_Social_Engineering_Victims_Exploratory_and_User_Testing_Study/26946277CC BY 4.0info:eu-repo/semantics/openAccessoai:figshare.com:article/269462772021-11-06T03:00:00Z |
| spellingShingle | Investigating the Experience of Social Engineering Victims: Exploratory and User Testing Study Bilikis Banire (14158833) Information and computing sciences Artificial intelligence Cybersecurity and privacy Human-centred computing social engineering exploratory study grounded theory user testing study |
| status_str | publishedVersion |
| title | Investigating the Experience of Social Engineering Victims: Exploratory and User Testing Study |
| title_full | Investigating the Experience of Social Engineering Victims: Exploratory and User Testing Study |
| title_fullStr | Investigating the Experience of Social Engineering Victims: Exploratory and User Testing Study |
| title_full_unstemmed | Investigating the Experience of Social Engineering Victims: Exploratory and User Testing Study |
| title_short | Investigating the Experience of Social Engineering Victims: Exploratory and User Testing Study |
| title_sort | Investigating the Experience of Social Engineering Victims: Exploratory and User Testing Study |
| topic | Information and computing sciences Artificial intelligence Cybersecurity and privacy Human-centred computing social engineering exploratory study grounded theory user testing study |