Regresar

Analysis of Vulnerabilities Associated with Social Engineering Attacks Based on User Behavior

Abstract:

One of the most effective attacks on cybersecurity is Social Engineering, in which the attacker deceives an end-user to steal its credentials and perpetrate cyber-crimes. There are hardware and software countermeasures to deal with these types of attacks. However, people themselves are the most vulnerable link in this security chain. In addition, there are influencing factors in people’s behavior, which make them more vulnerable. This study aims to determine the most common characteristics that make users vulnerable, either individually or in groups. For this, we conduct an exploratory and descriptive study on administrative, lecturers, and students of a higher education institution on four scales that consider the following behaviors: risk behavior, conservative behavior, exposure to offense, and perception of risk. The results obtained show that users with risky behavior are the most exposed to a Social Engineering attack. We also concluded that the analyzed groups of lecturers and administrators are less likely to be victims of these attacks than students. Finally, we inferred that people who spend more time in front of a computer and are more permissive of risky behaviors are more vulnerable to these attacks.