Malicious scammers and social engineers are causing great harms to modern society. Knowledge about social engineering (SE) is wide-spread and it exits in non-academic papers and communication channels. Knowledge is mostly based on expert opinion and experience reports. Such knowledge, if articulated, can provide a valid source of knowledge and information. We performed the analysis of such sources and adopted grounded theory to extract the general knowledge behind SE. The study aims to understand the rationale of social engineers, capture the knowledge of SE attacks and extract important information from the sources, propose an activity for counteracting SE attacks, and how it can be used in security education.
Online safety awareness and human factors: An application of the theory of human ecology
Efforts have been made on large and small scales to reduce cybersecurity threats around the world, including in...