Publication details

Home Publications Publication details

Improving Awareness on Social Engineering Attacks
Smith A, Papadaki M
Advances in Communications, Computing, Networks and Security 6, ISBN: 978-1-84102-258-1, pp144-151, 2009
Can be ordered on-line.
Download links:  Download PDF

Social engineering as a method of attack is by no means a new concept, and can be easily defined as the exploitation of human weakness, gullibility and ignorance. If one was a believer in religion it could be argued that the first case of social engineering was achieved by the devil (the serpent), tricking Eve into eating forbidden fruit, thus releasing knowledge of good and evil into the world, essentially getting someone in a position of trust to perform an action they themselves could not. Social Engineering can be seen throughout history, possibly changing its alias from time to time, but still realising the same results from what is a relatively simple technique. Examples of this can be seen throughout conflicts such as World War I and II, the term ‘propaganda’ was adopted to describe what was essentially social engineering in a new form, with an attempt to control the attitudes and behaviour on a large scale (Jastrow & Podhoretz, 2000).

However at current within the general IT community and especially amongst home users, the awareness of social engineering and its many implementable techniques is relatively low. The purpose of this research is to build an understanding of all the currently known about trends associated with the social engineering methodology of hacking and discover what attempts are being performed to raise users awareness to these issues. This research will cumulate in the development of an experiment, designed to evaluate the success of a newly designed educational tool based on the research discovered.

Smith A, Papadaki M