The Impact of Social Engineer Attack Phases on Improved Security Countermeasures: Social Engineer Involvement as Mediating Variable

The Impact of Social Engineer Attack Phases on Improved Security Countermeasures: Social Engineer Involvement as Mediating Variable

Louay Karadsheh (Higher Colleges of Technology, Dubai, UAE), Haroun Alryalat (University of Bahrain, The Kingdom of Bahrain), Ja'far Alqatawna (The University of Jordan, Jordan & Higher Colleges of Technology, Dubai, UAE), Samer Fawaz Alhawari (The World Islamic Sciences and Education University, Jordan) and Mufleh Amin AL Jarrah (Amman Arab University, Jordan)
Copyright: © 2022 |Pages: 26
DOI: 10.4018/IJDCF.286762
Article PDF Download
Open access articles are freely available for download

Abstract

The objective of this paper is to examine a model to identify Social Engineer Attack Phases to improve the security countermeasures by Social-Engineer Involvement. A questionnaire was developed and distributed to a sample of 243 respondents who were actively engaged in 3 Jordanian telecommunication companies. All hypotheses were tested using (PLS-SEM). The results of the study indicate that Social Engineer Attack Phases (Identification the potential target, Target Recognition, Decision approach, and Execution) have a partially mediate and significant impact on improving the security countermeasures by Social-Engineer Involvement. On the other hand, the Social Engineer Attack Phases (Information Aggregations, Analysis and Interpretation, Armament, and Influencing) have a fully mediate and significant impact on improving the security countermeasures by Social-Engineer Involvement. The findings of this study help to provide deep insight to help security professionals prepare better and implement the right and appropriate countermeasures, whether technical or soft measures.
Article Preview
Top

Literature Review

Concept of Social Engineering (SE)

There are many definitions of the concept of SE. For instance, Hadnagy (2010) defined SE as the action of operating an individual to take any action that might or can not be in the goal’s greatest attention. Additionaay, SE is a human creative practice to utilize and transform the objective world; engineering is an artificial system and a product to solve some social-economic problems and improve their living conditions (Zhangbao and Yang, 2019).

An Attacker can automate malicious efforts and reduce attacking costs such as sending phishing or spear phishing emails. Moreover, Mitnick and Simon (2011) claimed that SE usages effect to betray persons by considerable them that the social engineer is somebody he is not. Therfore, the social engineer could have took advantage of people to obtain information with or without the used of technology. To better understand the reason for successful engineering attacks the authors would review the psychological impact.

Complete Article List

Search this Journal:
Reset
Volume 14: 1 Issue (2022)
Volume 13: 6 Issues (2021)
Volume 12: 4 Issues (2020)
Volume 11: 4 Issues (2019)
Volume 10: 4 Issues (2018)
Volume 9: 4 Issues (2017)
Volume 8: 4 Issues (2016)
Volume 7: 4 Issues (2015)
Volume 6: 4 Issues (2014)
Volume 5: 4 Issues (2013)
Volume 4: 4 Issues (2012)
Volume 3: 4 Issues (2011)
Volume 2: 4 Issues (2010)
Volume 1: 4 Issues (2009)
View Complete Journal Contents Listing