Skip to main content
SpringerLink
Log in

Social Engineering Attacks: Recent Advances and Challenges

  • Conference paper
  • First Online:
HCI for Cybersecurity, Privacy and Trust (HCII 2021)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 12788))

Included in the following conference series:

Abstract

The world’s technological landscape is continuously evolving with new possibilities, yet also evolving in parallel with the emergence of new threats. Social engineering is of predominant concern for industries, governments and institutions due to the exploitation of their most valuable resource, their people. Social engineers prey on the psychological weaknesses of humans with sophisticated attacks, which pose serious cybersecurity threats to digital infrastructure. Social engineers use deception and manipulation by means of human computer interaction to exploit privacy and cybersecurity concerns. Numerous forms of attacks have been observed, which can target a range of resources such as intellectual property, confidential data and financial resources. Therefore, institutions must be prepared for any kind of attack that may be deployed and demonstrate willingness to implement new defense strategies. In this article, we present the state-of-the-art social engineering attacks, their classification and various mitigation strategies.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Wang, Z., Sun, L., Zhu, H.: Defining social engineering in cybersecurity. IEEE Access 8, 85094–85115 (2020)

    Article  Google Scholar 

  2. Salahdine, F., Kaabouch, N.: Social engineering attacks: a survey. Future Internet 11(4), 89 (2019)

    Article  Google Scholar 

  3. Albladi, S.M., Weir, G.R.S.: User characteristics that influence judgment of social engineering attacks in social networks. Hum.-Cent. Comput. Inf. Sci. 8(1), 1–24 (2018). https://doi.org/10.1186/s13673-018-0128-7

    Article  Google Scholar 

  4. Williams, E.J., Hinds, J., Joinson, A.N.: Exploring susceptibility to phishing in the workplace. Int. J. Hum. Comput. Stud. 120, 1–13 (2018)

    Article  Google Scholar 

  5. Breda, F., Barbosa, H., Morais, T.: Social engineering and cyber security. In: Proceedings of International Technology, Education and Development Conference (2017)

    Google Scholar 

  6. Kumar, A., Chaudhary, M., Kumar, N.: Social engineering threats and awareness: a survey. Eur. J. Adv. Eng. Tech. 2(11), 15–19 (2015)

    MathSciNet  Google Scholar 

  7. Hakak, S., Khan, W.Z., Imran, M., Choo, K.-K.R., Shoaib, M.: Have you been a victim of COVID-19-related cyber incidents? Survey, taxonomy, and mitigation strategies. IEEE Access 8, 124134–124144 (2020)

    Article  Google Scholar 

  8. FBI. Federal agencies warn of emerging fraud schemes related to COVID-19 vaccines. [Online]. Available: https://www.fbi.gov/news/pressrel/press-releases/federal-agencies-warn-of-emerging-fraud-schemes-related-to-covid-19-vaccines

  9. Alzahrani, A.: Coronavirus social engineering attacks: issues and recommendations. Int. J. Adv. Comput. Sci. Appl. 11(5), 9 (2020). https://doi.org/10.14569/IJACSA.2020.0110523

    Article  MathSciNet  Google Scholar 

  10. Google. Protecting businesses against cyber threats during COVID-19 and beyond. [Online]. Available: https://cloud.google.com/blog/products/identity-security/protecting-against-cyber-threats-during-covid-19-and-beyond

  11. Szurdi, J., Starov, O., McCabe, A., Chen, Z., Duan, R.: Studying how cybercriminals prey on the COVID-19 pandemic. [Online]. Available: https://unit42.paloaltonetworks.com/how-cybercriminals-prey-on-the-covid-19-pandemic/

  12. Albladi, S.M., Weir, G.R.: Predicting individuals’ vulnerability to social engineering in social networks. Cybersecur. 3(1), 1–19 (2020)

    Article  Google Scholar 

  13. Lansley, M., Kapetanakis, S., Polatidis, N.: SEADer++ v2: detecting social engineering attacks using natural language processing and machine learning. In: 2020 International Conference on Innovations in Intelligent Systems and Applications (INISTA), pp. 1–6. IEEE (2020)

    Google Scholar 

  14. Basit, A., Zafar, M., Liu, X., Javed, A.R., Jalil, Z., Kifayat, K.: A comprehensive survey of AI-enabled phishing attacks detection techniques. Telecommun. Syst. 76(1), 139–154 (2020). https://doi.org/10.1007/s11235-020-00733-2

    Article  Google Scholar 

  15. Abreu, J.V.F., Fernandes, J.H.C., Gondim, J.J.C., Ralha, C.G.: Bot development for social engineering attacks on Twitter. arXiv preprint arXiv:2007.11778 (2020)

  16. Smith, A., Papadaki, M., Furnell, S.M.: Improving awareness of social engineering attacks. In: Dodge, R.C., Futcher, L. (eds.) WISE 2009/2011/2013. IAICT, vol. 406, pp. 249–256. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39377-8_29

    Chapter  Google Scholar 

  17. Saleem, J., Hammoudeh, M.: Defense methods against social engineering attacks. In: Daimi, K. (ed.) Computer and Network Security Essentials, pp. 603–618. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-58424-9_35

    Chapter  Google Scholar 

  18. Zulkurnain, A.U., Hamidy, A., Husain, A.B., Chizari, H.: Social engineering attack mitigation. Int. J. Math. Comput. Sci. 1(4), 188–198 (2015)

    Google Scholar 

  19. Bullée, J.-W., Montoya, L., Pieters, W., Junger, M., Hartel, P.H.: The persuasion and security awareness experiment: reducing the success of social engineering attacks. J. Exp. Criminol. 11, 97–115 (2015)

    Article  Google Scholar 

  20. Parthy, P.P., Rajendran, G.: Identification and prevention of social engineering attacks on an enterprise. In: 2019 International Carnahan Conference on Security Technology (ICCST), pp. 1–5. IEEE (2019)

    Google Scholar 

  21. Aldawood, H.A., Skinner, G.: A critical appraisal of contemporary cyber security social engineering solutions: measures, policies, tools and applications. In: 2018 26th International Conference on Systems Engineering (ICSEng), pp. 1–6. IEEE (2018)

    Google Scholar 

  22. Aldawood, H., Skinner, G.: An academic review of current industrial and commercial cyber security social engineering solutions. In: Proceedings of the 3rd International Conference on Cryptography, Security and Privacy, pp. 110–115 (2019)

    Google Scholar 

  23. Campbell, C.C.: Solutions for counteracting human deception in social engineering attacks. Inf. Technol. People 32(5), 1130–1152 (2019)

    Article  Google Scholar 

  24. Heartfield, R., Loukas, G., Gan, D.: You are probably not the weakest link: towards practical prediction of susceptibility to semantic social engineering attacks. IEEE Access 4, 6910–6928 (2016)

    Article  Google Scholar 

  25. Google. Improving malicious document detection in gmail with deeplearning (2020). [Online]. Available: https://security.googleblog.com/2020/02/improving-malicious-document-detection.html. Accessed 16 January 2021

  26. World Health Organisation. How to report misinformation online (2020). [Online]. Available: https://www.who.int/campaigns/connecting-the-world-to-combat-coronavirus/how-to-report-misinformation-online. Accessed 16 January 2021

  27. W.H.O. Coronavirus disease (COVID-19) advice for the public: mythbusters (2020). [Online]. Available: https://www.who.int/emergencies/diseases/novel-coronavirus-2019/advice-for-public/myth-busters. Accessed 16 January 2021

  28. U.Gov. (2020) Go viral! a 5 minute game that helps protect you against COVID-19 misinformation. [Online]. Available: https://www.goviralgame.com/en?utm_source=EO&utm_medium=SocialMedia&utm_campaign=goviral&utm_content=Eng. Accessed 16 January 2021

  29. WHO. Countering misinformation with the government of the United Kingdom (2020). [Online]. Available: https://www.who.int/news-room/feature-stories/detail/countering-misinformation-about-covid-19. Accessed 16 January 2021

  30. Shafi, M., et al.: 5g: a tutorial overview of standards, trials, challenges, deployment, and practice. IEEE J Sel. Areas Commun. 35(6), 1201–1221 (2017)

    Article  Google Scholar 

  31. Cresci, S.: A decade of social bot detection. Commun. ACM 63(10), 72–83 (2020)

    Article  Google Scholar 

  32. Heidari, M., Jones, J.H.: Using bert to extract topic-independent sentiment features for social media bot detection. In: 11th IEEE Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON), vol. 2020, pp. 0542–0547. IEEE (2020)

    Google Scholar 

  33. Kudugunta, S., Ferrara, E.: Deep neural networks for bot detection. Inf. Sci. 467, 312–322 (2018)

    Article  Google Scholar 

  34. Wu, W., Alvarez, J., Liu, C., Sun, H.-M.: Bot detection using unsupervised machine learning. Microsyst. Technol. 24(1), 209–217 (2018)

    Article  Google Scholar 

  35. Abou Daya, A., Salahuddin, M.A., Limam, N., Boutaba, R.: A graph-based machine learning approach for bot detection. In: IFIP/IEEE Symposium on Integrated Network and Service Management (IM), vol. 2019, pp. 144–152. IEEE (2019)

    Google Scholar 

  36. Huh, J.-H., Seo, Y.-S.: Understanding edge computing: engineering evolution with artificial intelligence. IEEE Access 7, 164229–164245 (2019)

    Article  Google Scholar 

  37. Xia, P., et al.: Don’t fish in troubled waters! characterizing coronavirus-themed cryptocurrency scams (2020)

    Google Scholar 

  38. Weber, K., Schütz, A., Fertig, T., Müller, N.: Exploiting the human factor: social engineering attacks on cryptocurrency users 07, 650–668 (2020)

    Google Scholar 

  39. Khan, W.Z., Ahmed, E., Hakak, S., Yaqoob, I., Ahmed, A.: Edge computing: a survey. Future Gener. Comput. Syst. 97, 219–235 (2019)

    Article  Google Scholar 

  40. Hakak, S., Ray, S., Khan, W.Z., Scheme, E.: A framework for edge-assisted healthcare data analytics using federated learning. In: IEEE International Workshop on Data Analytics for Smart Health (DASH) 2020. IEEE BigData (2020)

    Google Scholar 

  41. Hakak, S., Khan, W.Z., Gilkar, G.A., Haider, N., Imran, M., Alkatheiri, M.S.: Industrial wastewater management using blockchain technology: architecture, requirements, and future directions. IEEE Internet of Things Mag. 3(2), 38–43 (2020)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Faculty of Computer Science, University of New Brunswick, Fredericton, Canada

    Nikol Mashtalyar, Uwera Nina Ntaganzwa, Thales Santos, Saqib Hakak & Suprio Ray

Authors
  1. Nikol Mashtalyar
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Uwera Nina Ntaganzwa
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Thales Santos
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Saqib Hakak
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Suprio Ray
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Nikol Mashtalyar , Uwera Nina Ntaganzwa , Thales Santos , Saqib Hakak or Suprio Ray .

Editor information

Editors and Affiliations

  1. San Jose State University, San Jose, CA, USA

    Abbas Moallem

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Mashtalyar, N., Ntaganzwa, U.N., Santos, T., Hakak, S., Ray, S. (2021). Social Engineering Attacks: Recent Advances and Challenges. In: Moallem, A. (eds) HCI for Cybersecurity, Privacy and Trust. HCII 2021. Lecture Notes in Computer Science(), vol 12788. Springer, Cham. https://doi.org/10.1007/978-3-030-77392-2_27

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-77392-2_27

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-77391-5

  • Online ISBN: 978-3-030-77392-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation