IJSTR

International Journal of Scientific & Technology Research

Home About Us Scope Editorial Board Blog/Latest News Contact Us
0.2
2019CiteScore
 
10th percentile
Powered by  Scopus
Scopus coverage:
Nov 2018 to May 2020

CALL FOR PAPERS
AUTHORS
DOWNLOADS
CONTACT

IJSTR >> Volume 9 - Issue 10, October 2020 Edition



International Journal of Scientific & Technology Research  
International Journal of Scientific & Technology Research

Website: http://www.ijstr.org

ISSN 2277-8616



Social Engineering, New Era Of Stealth And Fraud Common Attack Techniques And How To Prevent Against

[Full Text]

 

AUTHOR(S)

Asma A. Alsufyani, Lama A. Alhathally, Bayan O. Al-Amri, Sabah M Alzahrani

 

KEYWORDS

Baiting; Dumpster Diving; Eavesdropping; Phishing; Pretexting; Quid Pro Quo; Reverse Social Engineering; Security Threats; Shoulder Surfing; Social Engineering; Watering Hole.

 

ABSTRACT

as our modern daily lives require continues connection to online resources and services, the threat of these services being exploited to do harm rapidly increases. The human naïve nature could be a reason to that whereas some threats and attacks are actually the absolute opposite of such a trait, human minds can produce both good and bad methods to use technology, one of the very bad methods nowadays is widely known as social engineering, an evidence to prove that internet cannot and won’t be a safe place for those who don’t carry a careful and wise practice while using technology. This survey paper addresses social engineering threats and categories and, discuss some of the studies on countermeasures to prevent such attacks, providing a comprehensive survey study of social engineering to help understand more about this modern way of theft, manipulation and fraud.

 

REFERENCES

[1]. R. Gulati, "The threat of social engineering and your defense against it," SANS Reading Room, 2003.
[2]. A. Koyun and E. Al Janabi, "Social engineering attacks," Journal of Multidisciplinary Engineering Science and Technology (JMEST).
[3]. K. Zetter, "Google hack attack was ultra sophisticated," New Details Show.
[4]. I. Ghafir, V. Prenosil, A. Alhejailan, and M. Hammoudeh, "Social engineering attack strategies and defence approaches," in 2016 IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud), pp. 145-149.
[5]. D. l. van Liempd, A. Sjouw, M. Smakman, and K. Smit, "Social Engineering As An Approach For Probing Organizations To Improve It Security: A Case Study At A Large International Firm In The Transport Industry."
[6]. A. Chitrey, D. Singh, and V. Singh, "A comprehensive study of social engineering based attacks in india to develop a conceptual model," International Journal of Information and Network Security, vol. 1, p. 45.
[7]. N. Y. Conteh and P. J. Schmick, "Cybersecurity: risks, vulnerabilities and countermeasures to prevent social engineering attacks," International Journal of Advanced Computer Research, vol. 6, p. 31.
[8]. J. K. Burgoon and T. R. Levine, "Advances in deception detection," New directions in interpersonal communication research, vol. 20.
[9]. A. Acquisti, L. Brandimarte, and G. Loewenstein, "Privacy and human behavior in the age of information," Science, vol. 347, pp. 509-514.
[10]. S. Abraham and I. Chengalur-Smith, "An overview of social engineering malware: Trends, tactics, and implications," Technology in Society, vol. 32, pp. 183-196.
[11]. M. Junger, L. Montoya, and F.-J. Overink, "Priming and warnings are not effective to prevent social engineering attacks," Computers in human behavior, vol. 66, pp. 75-87.
[12]. N. Y. Conteh and P. J. Schmick, "Cybersecurity: risks, vulnerabilities and countermeasures to prevent social engineering attacks," International Journal of Advanced Computer Research, vol. 6, p. 31, 2016.
[13]. I. Ghafir, V. Prenosil, A. Alhejailan, and M. Hammoudeh, "Social engineering attack strategies and defence approaches," in 2016 IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud), 2016, pp. 145-149.
[14]. A. Adewole, A. Durosinmi, and M. A. Polyetchnic, "Social engineering threats and applicable countermeasures," African Journal of Computing & ICT, vol. 8, 2015.
[15]. F. Salahdine and N. Kaabouch, "Social engineering attacks: A survey," Future Internet, vol. 11, p. 89, 2019.
[16]. P. P. Parthy and G. Rajendran, "Identification and prevention of social engineering attacks on an enterprise," in 2019 International Carnahan Conference on Security Technology (ICCST), 2019, pp. 1-5.
[17]. D. Irani, M. Balduzzi, D. Balzarotti, E. Kirda, and C. Pu, "Reverse social engineering attacks in online social networks," in International conference on detection of intrusions and malware, and vulnerability assessment, 2011, pp. 55-74.
[18]. A. Koyun and E. Al Janabi, "Social engineering attacks," Journal of Multidisciplinary Engineering Science and Technology (JMEST), 2017.
[19]. C. Hadnagy, Social engineering: The art of human hacking: John Wiley & Sons, 2010.
[20]. S. Lohani, "Social Engineering: Hacking into Humans," International Journal of Advanced Studies of Scientific Research, vol. 4, 2019.
[21]. D. van Liempd, A. Sjouw, M. Smakman, and K. Smit, "Social Engineering As An Approach For Probing Organizations To Improve It Security: A Case Study At A Large International Firm In The Transport Industry," 2019.
[22]. R. Dhamija, J. D. Tygar, and M. Hearst, "Why phishing works," in Proceedings of the SIGCHI conference on Human Factors in computing systems, 2006, pp. 581-590.
[23]. X. Luo, R. Brody, A. Seazzu, and S. Burd, "Social engineering: The neglected human factor for information security management," Information Resources Management Journal (IRMJ), vol. 24, pp. 1-8, 2011.
[24]. K. Ivaturi and L. Janczewski, "A taxonomy for social engineering attacks," in International Conference on Information Resources Management, 2011, pp. 1-12.
[25]. A. Algarni, Y. Xu, T. Chan, and Y.-C. Tian, "Social engineering in social networking sites: Affect-based model," in 8th International Conference for Internet Technology and Secured Transactions (ICITST-2013), 2013, pp. 508-515.
[26]. W. R. Flores and M. Ekstedt, "Countermeasures for Social Engineering-based Malware Installation Attacks," in CONF-IRM, 2013, p. 23.