Skip to main content
SpringerLink
Log in

Social Engineering through Social Media: An Investigation on Enterprise Security

  • Conference paper
Applications and Techniques in Information Security (ATIS 2014)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 490))

Abstract

Social engineering attacks the weakest organizational security link – the human. The influx of employees using social media throughout the working environment has presented information security professionals with an extensive array of challenges facing people, process and technology. These challenges also show enormous impact on the confidentiality, integrity and availability of information assets residing within the organization. This paper aims to provide an in-depth insight into classification and mitigation of social engineering security issues faced by enterprises in adopting social media for business use.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Almeida, F.: Web 2.0 technologies and social networking security fears in enterprises. arXiv preprint arXiv:1204 (2012)

    Google Scholar 

  2. Bell, J.: Clearing the AIR. Communication World 27(1), 27–30 (2010)

    Google Scholar 

  3. Colwill, C.: Human factors in information security: The insider threat–Who can you trust these days? Information Security Technical Report 14(4), 186–196 (2009)

    Article  Google Scholar 

  4. Furnell, S.: End User Security Culture – A Lesson That Will Never Be Learnt? Computer Fraud & Security, 6–9 (April 2008)

    Google Scholar 

  5. Gross, R., Acquisti, A.: Information revelation and privacy in online social networks. In: Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society, pp. 71–80. ACM (November 2005)

    Google Scholar 

  6. Gudaitis, The Impact of Social Media on Information Security: What every company needs to know (2013)

    Google Scholar 

  7. Hardy, C.A., Williams, S.P.: Managing information risks and protecting information assets in a Web 2.0 era. In: Proceedings of the 23rd Bled eConferenceeTrust: Implications for the Individual, Enterprises and Society, Bled, Slovenia, June 20-23 (2010)

    Google Scholar 

  8. He, W.: A review of social media security risks and mitigation techniques. Journal of Systems and Information Technology 14(2), 171–180 (2012)

    Article  Google Scholar 

  9. ISACA. Social Media: Business Benefits and Security, Governance and Assurance Perspectives. An ISACA emerging technology whitepaper (2010)

    Google Scholar 

  10. King, P.: Cyber Crooks Target Social Networking Sites, Point for Credit Research & advice, 9 (January 1, 2008)

    Google Scholar 

  11. Meister, J.C., Willyerd, K.: The 2020 workplace. HarperCollins, New York (2010)

    Google Scholar 

  12. Rudman, R.J.: Framework to identify and manage risks in Web 2.0 applications. African Journal of Business Management 4(13), 3251–3264 (2010)

    Google Scholar 

  13. Sanders, B.G., Dowland, P.S., Furnell, S.: An Assessment of People’s Vulnerabilities in Relation to Personal and Sensitive Data. In: Proceedings of the Third International Symposium on Human Aspects of Information Security & Assurance (HAISA 2009), Athens, Greece, June 25-26, p. 50 (2009)

    Google Scholar 

  14. Savage, M.: Target the human. Cybercriminals are using social engineering fueled by social media to attack users and break into companies. Information Security (May, 2011)

    Google Scholar 

  15. Shogren, E.: BP: A textbook example of how not to handle PR. The message makers: inside PR and advertising, NPR (2011)

    Google Scholar 

  16. Symantec. Social Media Protection Flash Poll Global Results. Powerpoint Presentation (2011)

    Google Scholar 

  17. Turner, R.: The dawn of a new approach to security. Computer Fraud & Security 2010(4), 15–17 (2010)

    Article  Google Scholar 

  18. Workman, M., Bommer, W.H., Straub, D.: Security lapses and the omission of information security measures: A threat control model and empirical test. Computers in Human Behavior 24(6), 2799–2816 (2008)

    Article  Google Scholar 

  19. Wright, D.K., Hinson, M.D.: An analysis of the increasing impact of social and other new media on public relations practice. In: 12th Annual International Public Relations Research Conference, Coral Gables, Florida, vol. 7 (March 2009)

    Google Scholar 

  20. Young, K.: Policies and procedures to manage employee Internet abuse. Computers in Human Behavior 26(6), 1467–1471 (2010)

    Article  Google Scholar 

  21. Zerfass, A., Linke, A.: Future trends in social media use for strategic organisation communication: Results of a Delphi study. Public Communication Review 2(3) (2012)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computing & Mathematics, Charles Sturt University, Australia, 2640

    Heidi Wilcox, Maumita Bhattacharya & Rafiqul Islam

Authors
  1. Heidi Wilcox
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Maumita Bhattacharya
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Rafiqul Islam
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Information Technology, Deakin University, Melbourne, Australia

    Lynn Batten

  2. School of Information Technology, Deakin University, Australia

    Gang Li

  3. Institute of Information Engineering, Chinese Academy of Sciences, China

    Wenjia Niu

  4. School of Information and Business Analysis, Melbourne Camput at Burwood, Deakin University, 221, Burwood Highway, 315, Burwood, VIC, Australia

    Matthew Warren

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Wilcox, H., Bhattacharya, M., Islam, R. (2014). Social Engineering through Social Media: An Investigation on Enterprise Security. In: Batten, L., Li, G., Niu, W., Warren, M. (eds) Applications and Techniques in Information Security. ATIS 2014. Communications in Computer and Information Science, vol 490. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-45670-5_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-662-45670-5_23

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-45669-9

  • Online ISBN: 978-3-662-45670-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation