In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
Third International Conference on Human Aspects of Information Security & Assurance (HAISA 2009)
Title: An Assessment of People's Vulnerabilities in Relation to Personal & Sensitive Data
Author(s): Benjamin Sanders, Paul Dowland, Steven Furnell
Keywords: Social Engineering, Human Vulnerabilities, Phishing, Social Networking
Abstract: Social engineering refers to a number of techniques that are used to exploit human vulnerabilities and manipulate people into breaking normal security procedures. Evidence suggests that this problem is rapidly increasing and cyber criminals are using a magnitude of different avenues to reach their intended victims. This paper presents an assessment of people’s vulnerabilities in relation to personal and sensitive data. The experiment used an online web survey which comprised of both direct and non-direct social engineering attack scenarios. In addition the survey measured and assessed the level of risk that social networking users are currently exposing themselves to. The results showed that respondent’s security awareness levels had improved on previous studies but significant problems still existed with user’s abilities to detect and appropriately respond to social engineering threats.
Download count: 1446
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.