Social Engineering Vulnerabilities |
Social engineering refers to the phenomenon of circumventing technical security mechanisms inherent in a system by manipulating legitimate users of the system using a host of physical and psychological compromising methods. This may lead to a compromise of the underlying IT systems for possible exploitation. It remains a popular method of bypassing security because attacks focus on the weakest link in the security architecture, the staff of the organization, instead of directly targeting electronic and cryptographic security algorithms. Universities and academic institutions are no exception to this vulnerability and the present research aims to investigate the level of susceptibility of university staff to social engineering vulnerabilities. This research entailed an experiment involving email based auditing technique directed at staff in the Faculty of Technology, University of Plymouth. The results were analysed from a quantitative and qualitative perspective and compared with results generated from similar experiments to ascertain the level of staff’s susceptibility to this threat.
Bakhshi T, Papadaki M