In this paper, we discuss phishing as one of the attack types used in social engineering. Phishing attacks will be discussed by simulating a process between two different devices in two different networks. An experimental penetration test was performed on one of the local network devices to obtain data and information of the victim. The experiment involves sending fake email containing a link to a fake website in order to persuade the victim to enter personal data logs into the fake website. The experiment illustrates the ways in which an attacker may defraud the victim. In addition, the experiment contributes to the protection from and avoidance to exposure of this type of attack.
Is cybersecurity research missing a trick? Integrating insights from the psychology of habit into research and practice.
The idea that people should form positive security habits is gaining increasing attention amongst security...