Fostering Social Engineering Awareness: Proactive Model

Abstract

Social Engineering aims to trick users into revealing sensitive information by making use of their lack of literacy in Social engineering tricks and the limited or no technical mechanisms on their systems to protect against such attacks. The motive of this research is to check the awareness and perceptions on social media of employees from the Information technology sector as well as the other sectors in an equal proportion. This paper shows a series of results which shows the weak points of defending against Social engineering attacks as an individual and in an organizational point of view. The methodology used to conduct this research was an online survey which was sent through email and social media and was successfully completed by 118 people and rejected by approximately 50 people. The awareness or the need of training to identify Social engineering tricks can be clearly seen by the analysed results. As a solution to this escalating issue, this paper suggests a model which is named as ‘Proactive model A’ that can be used by individuals as well as organizations to mitigate the risks of Social Engineering attacks by implementing the model in their policies and training programs so that it can help in minimizing the damage to critical assets of the organizations.