Cybersecurity criminals often use social engineering techniques to meet their objectives. The most egregious cybersecurity attacks may be designed to get an organization to override defenses, change standards, or convince governing bodies to change laws and regulations through political pressure, espionage, or litigation. By creating cultures of trust or mistrust, organizational leaders can be persuaded to declassify information or make changes that allow such adversaries to gain access to things that are unavailable to them. Through time and strategy, cybercriminals can weaken cybersecurity defense capabilities and awareness. Organizations people trust may use social engineering against consumers through online advertisements, cookies, and spyware to gather data, like IP addresses, location histories, and browsing preferences, for gain and profit. This study highlights areas where social engineering tools are designed into devices and activities to influence behavior in personal and professional settings.
TopIntroduction
Research into new social engineering paradigms began with realizing the potential for executing social engineering attacks by gaining access to information from everyday objects and devices in our homes, offices, markets, and public environments called the Internet of Things (IoT). Social engineering is a common method used by hackers to circumvent security barriers by exploiting human weaknesses (Wang et al., 2021). Social engineering consists of four stages that may be repeated as many as required to achieve the goal:
- 1.
Compile the essential background information on the victim.
- 2.
Establish a trusting connection with the victim.
- 3.
Make use of the available information and carry out the assault.
- 4.
End the contact without leaving any traces.
The term Internet of Things refers to the general concept of things, particularly everyday objects, that are readable, recognizable, locatable, addressable, and/or controllable via the Internet, whether via RFID, wireless LAN, wide-area network, or other means (Harit et al., 2017). The number of IoT attack vectors seems limitless, and the lack of standardized security for such devices makes them the obvious target for gathering data to launch social engineering attacks as well as other attacks that benefit from interactive surveillance and data collection.
The Internet of Things (IoT) has the capacity to link billions of everyday objects. that we come into contact with daily, such as automobiles and other machines, as well as many things that we may not be aware of, such as food, clothing, boundaries, landmarks, commodities, infrastructure, and more (Harit et al., 2017). The overall footprint and complexity of disparate entities capable of interacting with IoT devices (Matyokurehwa et al., 2022) create a social engineering attack vector (Wang et al., 2021) fueled by a global array of supply chains (Omitola & Wills, 2018). This study looks at the various landscapes of threats and vulnerabilities targeted by modern cybersecurity attack vectors.
Attackers can use IoT and AI technologies to conduct social engineering attacks by exploiting vulnerabilities in the devices and systems that make up the Internet of Things (IoT) and by using AI-powered bots to mimic human behavior and manipulate individuals into divulging sensitive information or taking malicious actions. These vulnerabilities can be found in the devices and systems that make up the Internet of Things (IoT).
TopSignificance Of The Project
Lack of research makes state-of-the-art literature reviews invaluable tools to offer new perspectives on current issues and point out areas for further research to assess and develop knowledge within a research field (Grant & Booth, 2009; Snyder, 2019). When compared to other empirical research, literature reviews need to be more related to evolving technologies in the field of cybersecurity. Literature reviews of social engineering in cybersecurity need more transparent, systematic procedures to replicate research and trace the arguments and conclusions. This research aims to elaborate on the significance of literature reviews in assessing the influence of specific advancing technologies.