Publication details

Home Publications Publication details

Social Engineering: Phishing for a Solution
Odaro U, Sanders B
Advances in Communications, Computing, Networks and Security Volume 8, ISBN: 978-1-84102-293-2, pp88-96, 2011
Can be ordered on-line.
Download links:  Download PDF

Following the remarkable success experienced by social engineers at targeting America Online (AOL) services, they realised the potential for targeting other organisations (Ramzan, 2007). Phishing-based social engineering attacks exploit human vulnerabilities as opposed to software vulnerabilities. As a result, these attacks pose a threat to unsuspecting end users. This research measured users’ awareness of phishing attacks. A combination of legitimate and illegitimate emails and websites scenarios were presented to 153 participants through an online survey. The results showed on an overall level that the participants classified 43% of the legitimate emails correctly and 67% of the illegitimate emails correctly. Furthermore, the participants classified 73% of the legitimate websites correctly and 56% of illegitimate websites correctly. The remaining proportion which constituted the misclassified and uncertain responses however revealed a significant lack of awareness on the part of the respondents, indicating a need to improve user awareness in relation to phishing attacks. Additionally, the certificate of a website was included in the study which revealed that only 33% of the respondents had ever checked for the certificate of a website.

Odaro U, Sanders B