A Survey of Social Engineers that did not Collect Enough Data
Downloads
In The context of Information technology and Cyber Security a nexus of computers and humans occurs as Social engineering. Defenders would like to know how this group interacts with users to gain access to secure information. The purpose of this research initially was to find out from Social Engineers what were the best defensive techniques. A survey was created to ask social engineers about specific defensive techniques that are prevalent in Cyber security. Not enough data was collected from social engineers and the second half of the paper covers why this was. One of the main reasons for lack of data was due to a lack of in-group trust of the researchers by the group being researched. Much of the theory behind the why has been applied to other groups in other fields.
C. Hadnagy, Social Engineering: The art of human hacking, Indianapolis: Wiley, 2011.
C. Hadnagy, Unmasking the social engineer: the human element of security, Indianapolis: Wiley, 2014.
C. Hadnagy, Social Engineering: the science of human hacking, Indianapolis: Wiley, 2018.
J. Talamantes, The social engineer's playbook: a practical guide to pretexting, Woodbury: Hexcode, 2014.
R. A. Grimes, Hacking the hacker: Learn from the experts who take down hackers, Indianapolis 500: Wiley, 2017.
K. Mitnick and W. L. Simon, The art of deception: controling the human element of security, Indianapolis: Wiley, 2003.
M. Jakobsson and S. Myers, Phishing aand countermeasures, Indianapolis: Wiley, 2007.
F. Salahdine and N. Kaabouch, "Social engineering attacks: A survey," Future Internet, vol. 11, no. 4, p. 89, 2019.
N. Galov, "17+ Sinister Social Engineering Statistics for 2021," u.k u.k 2021. [Online]. Available: https://hostingtribunal.com/blog/social-engineering-statistics. [Accessed 19 March 2022].
C. Jacomme and S. Kremer, "An extensive formal analysis of multi-factor authentication protocols," in 31st IEEE Computer Security Foundations Symposium, Oxford, 2018.
A. Almomani, B. B. Gupta, S. Atawaneh and E. Almomani, "A survey of phishing email filtering techniques," IEEE Comunications Surveys & Tutorials, pp. 2070-2090, 28 March 2013.
R. Duncan, "Influence versus manipulation: Understanding the difference," 21 December 2018. [Online]. Available:
https://www.forbes.com/sites/rodgerdeanduncan/2018/12/21/influence-vs-manipulation-understand-the-difference/?sh=7947ef9f470c. [Accessed 25 December 2020].
E. Maxwell, "Influence vs. Manipulation. Security through education," u.k u.k 2004. [Online]. Available: https://www.social-engineer.org/ newsletter/Social-Engineer.Org%20Newsletter% 20Vol.%2004%20Iss.%2045.htm. [Accessed 27 Dec 2020].
R. Dreeke, "It's not all about "me": the top ten techniques for building quick rapport with anyone," self published, u.k, 2011.
M. Karlins and J. Navarro, What ever body is saying: an ex-FBI agent's guide to speed reading people, New York: Harper Collins, 2008.
W. E. Saris, Design, evaluation, and analysis of questionaires for survey research, Indianapolis: Wiley, 2014.
P. Harris, R. Taylor, R. Thielke, J. Payne, N. Gonzalez and J. Conde, "A metadata-driven methodology and workflow process for providing translational research informatics support," Journal of Biomedical informatics, vol. 42, no. 2, pp. 377-381, 2009.
Reddit, "Dive into anything," Reddit, [Online]. Available: https://www.redditinc.com/. [Accessed 22 April 2022].
F. K. Wilits, G. L. Theodori and A. E. Luloff, "Another look at Likert scales," Journal of Rural Social Sciences, vol. 31, no. 3, pp. 126-139, 2016.
A. Diamantopoulos, M. Sarstedt, C. Fuchs, P. Wilczynski and S. Kaiser, "Guidelines for choosing between Multi-item and Single-item scales for construction measurement: A predictive Validity," Journal of the Academy of Marketing Science, vol. 40, no. 3, pp. 434-449, 2012.
E. G. Carmines and R. A. Zeller, Reliability and validity assessment, Thousand Oaks: Sage, 1979.
T. R. Hinkin, "A review of scale development prectices in the study of organizations," Journal of management, vol. 21, no. 5, pp. 967-988, 1995.
C. E. Neurt and T. Lenzner, "Effects of the number of open-ended probing questions on response quality in cognitive online pretests.," Social Science Computer Review, vol. 39, no. 3, pp. 456-468, 2021.
Verizon, "Data Breach Investigations Report," Verizon, 2021.
S. Herek, Director, Bill & Ted's Excellent Adventure. [Film]. United States: Paramount
R. Borum, The scienc of interpersonal trust, digitalcommons.usf.edu, 2010, p. 574.
K. J. Stewart, "Trust transfer on the world wide web," Organization Science, vol. 14, no. 1, pp. 5-17, 2003.
J. R. Evans and A. Mathur, "The value of online surveys," Internet Research, vol. 15, no. 2, pp. 195-219, 2005.
Cisco, "Vulnerability information. E-mail and spam data," Cisco Talos Intelligence Group, 2021.
World Bank, "Individuals using the internet (% of population)," World Bank, 2021. [Online]. Available: https://data.worldbank.org/indicator/IT.NET.USER.ZS. [Accessed 12 Febuary 2021].
