Malicious scammers and social engineers are causing great harms to modern society. Knowledge about social engineering (SE) is wide-spread and it exits in non-academic papers and communication channels. Knowledge is mostly based on expert opinion and experience reports. Such knowledge, if articulated, can provide a valid source of knowledge and information. We performed the analysis of such sources and adopted grounded theory to extract the general knowledge behind SE. The study aims to understand the rationale of social engineers, capture the knowledge of SE attacks and extract important information from the sources, propose an activity for counteracting SE attacks, and how it can be used in security education.
Research on the effectiveness of cyber security awareness in ICS Risk Assessment Frameworks
Assessing security awareness among users is essential for protecting industrial control systems (ICSs) from social...