Social engineering: Assessing vulnerabilities in practice

Information Management and Computer Security

Volumn 17, Issue 1, 2009, Pages 53-63

  Bakhshi, Taimur ^a   Papadaki, Maria ^a   Furnell, Steven ^a  

^a UNIVERSITY OF PLYMOUTH   (United Kingdom)

Author keywords

Computer crimes; Data security; Electronic mail

Indexed keywords

DATA SECURITY; DESIGN/METHODOLOGY/APPROACH; SECURITY AWARENESS; SECURITY-AWARE; SOCIAL ENGINEERING; SOFTWARE INSTALLATIONS; SOFTWARE UPDATES; STAFF MEMBERS;

COMPUTER CRIME; COMPUTER SOFTWARE; ELECTRONIC MAIL; ENGINEERING; WINDOWS; WORLD WIDE WEB;

EXPERIMENTS;

EID: 67651021787     PISSN: 09685227     EISSN: None     Source Type: Journal    
DOI: 10.1108/09685220910944768     Document Type: Article

References (11)

1. Dodge, R.C., Carver, C. and Ferguson, A.J. (2007), "Phishing for user security awareness", Computers and Security, Vol. 26 No. 1, pp. 73-80.
2. Erianger, L. (2004), "The weakest link", PC Magazine, Vol. 23, pp. 58-9.
3. Granger, S. (2001), "Social engineering fundamentals, part I: hacker tactics", SecurityFocus, 18 December, available at: www.securityfocus.com/infocus/1527 (accessed 12 October 2008).
4. Greening, T. (1996), "Ask and ye shall receive: A study in social engineering", ACM SIGSAC Review, Vol. 14 No. 2, pp. 8-14.
5. Karakasiliotis, A., Furnell, S. and Papadaki, M. (2007), "An assessment of end user vulnerability to phishing attacks", Journal of Information Warfare, Vol. 6 No. 1, pp. 17-28.
6. Mitnick, K. and Simon, W. (2002), The Art of Deception: Controlling the Human Element of Security, Wiley, Indianapolis, IN.
7. Nolan, J. and Levesque, M. (2005), "Hacking human: Data-archaeology and surveillance in social networks", ACM SIGGROUP Bulletin, Vol. 25 No. 2, pp. 33-7.
8. Orgill, G.L., Romney, G.W., Bailey, M.G. and Orgill, P.M. (2004), "The urgency for effective user privacy-education to counter social engineering attacks on secure computer systems", Proceedings of 5th Conference on Information Technology Education, Salt Lake City, Utah, 28-30 October, pp. 171-81.
9. Papadaki, M., Furnell, S. and Dodge, R. (2008), "Social engineering: Exploiting the weakest links", Whitepaper, European Network and Information Security Agency (ENISA), October, available at: www.enisa.europa.eu/doc/pdf/publications/enisa_whitepaper_social_ engineering.pdf (accessed 12 October).
10. Stasiukonis, S. (2006), "Social engineering, the USB way", Dark Reading, 7 June, available at: www.darkreading.com/ document.asp?doc_id=95556 (accessed 12 October 2008).
11. Thornburgh, T. (2004), "Social engineering: The dark art", Proceedings of the 1st Annual Conference on Information Security Curriculum Development, Kennesaw State University, Kennesaw, GA, 17-18 September.