Title

An assessment of people's vulnerabilities in relation to personal and sensitive data

Document Type

Conference Proceeding

Publisher

University of Plymouth

Faculty

Computing, Health and Science

School

Computer and Security Science, Centre for Security Research

RAS ID

8779

Comments

Originally published as: Sanders, B. G., Dowland, P. S., & Furnell, S. (2009). An Assessment of People’s Vulnerabilities in Relation to Personal and Sensitive Data. Advances in Communications, Computing, Networks and Security: Proceedings of the MSc/MRes programmes from the School of Computing, Communications and Electronics, 2007-2008, 6, 124. Original article available here

Abstract

Social engineering refers to a number of techniques that are used to exploit human vulnerabilities and manipulate people into breaking normal security procedures. Evidence suggests that this problem is rapidly increasing and cyber criminals are using a magnitude of different avenues to reach their intended victims. This paper presents an assessment of people's vulnerabilities in relation to personal and sensitive data. The experiment used an online web survey which comprised of both direct and non-direct social engineering attack scenarios. In addition the survey measured and assessed the level of risk that social networking users are currently exposing themselves to. The results showed that respondent's security awareness levels had improved on previous studies but significant problems still existed with user's abilities to detect and appropriately respond to social engineering threats.

 
COinS