The questions this project addressed include: How is social engineering used to deploy malware? What is the economic impact of successful malware/ransomware attacks? What security measures can be implemented to help mitigate these attacks? This research focuses on...
Research Library
The world’s first globally accessible archive of research into the human aspect of cyber security and behavioural science as applied to cyber security awareness and online behavioural change.
To see the latest studies from pioneering academics, scroll down.
Adversarial ‘intended’ use of technology and the need for new threat models addressing human harms
The need for new threat models is considered first through a study of user behavior and perceptions of norms with respect to phone sharing and access behaviors in romantic relationships. We find that most people give their partner access to their phone but often have...
Impact of human vulnerabilities on cyber security
Humans play a major role in the field of cybersecurity. It is observed that more than 39% of security risks are related to the human factor, and 95% of successful cyber-attacks are caused by human error, with most of them being insider threats. The major human factor...
Understanding and deciphering of social engineering attack scenarios
Malicious scammers and social engineers are causing great harms to modern society. Knowledge about social engineering (SE) is wide-spread and it exits in non-academic papers and communication channels. Knowledge is mostly based on expert opinion and experience...
Social engineering : introduction to social engineering through real-life hacking attempts
Social engineering is influencing someone to gain something to yourself but it can be used in a malicious and criminal purposes also. The task was to investigate what different methods are used and how it is used as a tool in cyber attacks. The statistics were...
Psyber security: a new emerging topic and research area within human security – part 2
In today’s digital world, everyone interacts with technology in one way or another, which leaves all technology users vulnerable to psyber security attacks. Because of the recent emergence of the subject of psyber security, and the infantile stage of research...
“Get a red-hot poker and open up my eyes, it’s so boring”: Employee perceptions of cybersecurity training
To understand employee negative perceptions of SETA programs, researchers conducted in-depth interviews with 20 Australian employees regarding their experiences with both SETA programs and non-cybersecurity related workplace training. As expected, employees had a...
Understanding responses to phishing in Saudi Arabia via the theory of planned behaviour
Saudi Arabia has seen an enormous growth in Internet usage over the past few years. With increasing adoption of this technology has come a rise in cyber crime, often enabled through use of social engineering. Phishing is a prime example, aiming to deceive users into...
Phishing happens beyond technology: The effects of human behaviours and demographics on each step of a phishing process
This study investigates to what extent people’s risk-taking and decision-making styles influence the likelihood of phishing victimisation in three specific phishing steps. We asked participants to play a risk-taking game and to answer questions related to two...
Examining the generational impact on risk: Internet of Things (IoT)
The purpose of this Causal-Comparative quantitative study was to develop an increased understanding of the different generations and how they perceive risk and to what extent they are comfortable using Fitbit devices in an everyday setting. This study was conducted...