Social engineering attack examples, templates and scenarios
The field of information security is a fast-growing discipline. Even though the effectiveness of security measures to protect sensitive information is increasing, people remain susceptible to manipulation and thus the human element remains a weak link. A social engineering attack targets this weakne...
Saved in:
| Published in | Computers & security Vol. 59; pp. 186 - 209 |
|---|---|
| Main Authors | , , |
| Format | Journal Article |
| Language | English |
| Published |
Amsterdam
Elsevier Ltd
01.06.2016
Elsevier Sequoia S.A |
| Subjects | |
| Online Access | Get full text |
| ISSN | 0167-4048 1872-6208 |
| DOI | 10.1016/j.cose.2016.03.004 |
Cover
| Abstract | The field of information security is a fast-growing discipline. Even though the effectiveness of security measures to protect sensitive information is increasing, people remain susceptible to manipulation and thus the human element remains a weak link. A social engineering attack targets this weakness by using various manipulation techniques to elicit sensitive information. The field of social engineering is still in its early stages with regard to formal definitions, attack frameworks and templates of attacks. This paper proposes detailed social engineering attack templates that are derived from real-world social engineering examples. Current documented examples of social engineering attacks do not include all the attack steps and phases. The proposed social engineering attack templates attempt to alleviate the problem of limited documented literature on social engineering attacks by mapping the real-world examples to the social engineering attack framework. Mapping several similar real-world examples to the social engineering attack framework allows one to establish a detailed flow of the attack whilst abstracting subjects and objects. This mapping is then utilised to propose the generalised social engineering attack templates that are representative of real-world examples, whilst still being general enough to encompass several different real-world examples. The proposed social engineering attack templates cover all three types of communication, namely bidirectional communication, unidirectional communication and indirect communication. In order to perform comparative studies of different social engineering models, processes and frameworks, it is necessary to have a formalised set of social engineering attack scenarios that are fully detailed in every phase and step of the process. The social engineering attack templates are converted to social engineering attack scenarios by populating the template with both subjects and objects from real-world examples whilst still maintaining the detailed flow of the attack as provided in the template. Furthermore, this paper illustrates how the social engineering attack scenarios are applied to verify a social engineering attack detection model. These templates and scenarios can be used by other researchers to either expand on, use for comparative measures, create additional examples or evaluate models for completeness. Additionally, the proposed social engineering attack templates can also be used to develop social engineering awareness material. |
|---|---|
| AbstractList | The field of information security is a fast-growing discipline. Even though the effectiveness of security measures to protect sensitive information is increasing, people remain susceptible to manipulation and thus the human element remains a weak link. A social engineering attack targets this weakness by using various manipulation techniques to elicit sensitive information. The field of social engineering is still in its early stages with regard to formal definitions, attack frameworks and templates of attacks. This paper proposes detailed social engineering attack templates that are derived from real-world social engineering examples. The proposed social engineering attack templates attempt to alleviate the problem of limited documented literature on social engineering attacks by mapping the real-world examples to the social engineering attack framework. Mapping several similar real-world examples to the social engineering attack framework allows one to establish a detailed flow of the attack whilst abstracting subjects and objects. Furthermore, this paper illustrates how the social engineering attack scenarios are applied to verify a social engineering attack detection model. The field of information security is a fast-growing discipline. Even though the effectiveness of security measures to protect sensitive information is increasing, people remain susceptible to manipulation and thus the human element remains a weak link. A social engineering attack targets this weakness by using various manipulation techniques to elicit sensitive information. The field of social engineering is still in its early stages with regard to formal definitions, attack frameworks and templates of attacks. This paper proposes detailed social engineering attack templates that are derived from real-world social engineering examples. Current documented examples of social engineering attacks do not include all the attack steps and phases. The proposed social engineering attack templates attempt to alleviate the problem of limited documented literature on social engineering attacks by mapping the real-world examples to the social engineering attack framework. Mapping several similar real-world examples to the social engineering attack framework allows one to establish a detailed flow of the attack whilst abstracting subjects and objects. This mapping is then utilised to propose the generalised social engineering attack templates that are representative of real-world examples, whilst still being general enough to encompass several different real-world examples. The proposed social engineering attack templates cover all three types of communication, namely bidirectional communication, unidirectional communication and indirect communication. In order to perform comparative studies of different social engineering models, processes and frameworks, it is necessary to have a formalised set of social engineering attack scenarios that are fully detailed in every phase and step of the process. The social engineering attack templates are converted to social engineering attack scenarios by populating the template with both subjects and objects from real-world examples whilst still maintaining the detailed flow of the attack as provided in the template. Furthermore, this paper illustrates how the social engineering attack scenarios are applied to verify a social engineering attack detection model. These templates and scenarios can be used by other researchers to either expand on, use for comparative measures, create additional examples or evaluate models for completeness. Additionally, the proposed social engineering attack templates can also be used to develop social engineering awareness material. |
| Author | Mouton, Francois Venter, H.S. Leenen, Louise |
| Author_xml | – sequence: 1 givenname: Francois orcidid: 0000-0001-8804-7601 surname: Mouton fullname: Mouton, Francois email: moutonf@gmail.com organization: Command, Control and Information Warfare, Defence, Peace, Safety and Security, Council for Scientific and Industrial Research, Pretoria, South Africa – sequence: 2 givenname: Louise surname: Leenen fullname: Leenen, Louise organization: Command, Control and Information Warfare, Defence, Peace, Safety and Security, Council for Scientific and Industrial Research, Pretoria, South Africa – sequence: 3 givenname: H.S. surname: Venter fullname: Venter, H.S. organization: Department of Computer Science, University of Pretoria, Pretoria, South Africa |
| BookMark | eNp9kD9LBDEQxYMoeJ5-AasFGwt3nSS7mxzaiPgPBAu1DtlklJx7yZnkRL-9Oc_KwmoezPvNPN4e2fbBIyGHFBoKtD-dNyYkbFjRDfAGoN0iEyoFq3sGcptMykLULbRyl-ylNAegopdyQs4eg3F6rNC_Oo8YnX-tdM7avFX4qRfLEdNJlbEInTFV2tsqGfQ6upD2yc6LHhMe_M4peb6-erq8re8fbu4uL-5rw3uaa8qHGdXAwRjbzeiAtrVswKHrJBNMc4GMQ2cp7dgg-x5mRmhru8G20BnGgE_J8ebuMob3FaasFq6EGEftMaySopL2wAvfFevRH-s8rKIv6RQVUoi-vGqLS25cJoaUIr4o47LOLvgctRsVBbVuVc3VulW1blUBV_CDsj_oMrqFjl__Q-cbCEtLHw6jSsahN2hdRJOVDe4__Bsqz5F5 |
| CODEN | CPSEDU |
| CitedBy_id | crossref_primary_10_3390_s18030817 crossref_primary_10_1108_K_05_2021_0377 crossref_primary_10_1002_spy2_486 crossref_primary_10_1016_j_infsof_2024_107426 crossref_primary_10_1177_02666669221116336 crossref_primary_10_1080_23738871_2018_1514417 crossref_primary_10_1016_j_cose_2020_101761 crossref_primary_10_1108_ITP_11_2021_0864 crossref_primary_10_1109_MCOM_2017_1600969 crossref_primary_10_1007_s10111_021_00683_y crossref_primary_10_1016_j_cose_2024_103741 crossref_primary_10_1080_24751839_2020_1747001 crossref_primary_10_1108_ICS_09_2021_0137 crossref_primary_10_1016_j_ijhcs_2019_05_007 crossref_primary_10_7717_peerj_cs_2487 crossref_primary_10_1002_spy2_161 crossref_primary_10_1007_s41870_023_01540_z crossref_primary_10_1109_RITA_2021_3052686 crossref_primary_10_38017_2390058X_73 crossref_primary_10_3390_s19092148 crossref_primary_10_4018_IJDCF_286762 crossref_primary_10_1109_ACCESS_2019_2919150 crossref_primary_10_1080_10447318_2024_2415750 crossref_primary_10_4236_sn_2018_72008 crossref_primary_10_1016_j_digbus_2020_100001 crossref_primary_10_3233_JCS_181253 crossref_primary_10_1007_s10611_021_09993_8 crossref_primary_10_3390_fi11040089 crossref_primary_10_1016_j_cose_2017_10_008 crossref_primary_10_1109_ACCESS_2022_3162594 crossref_primary_10_4018_JGIM_293290 crossref_primary_10_3390_s22228663 crossref_primary_10_55056_ed_778 crossref_primary_10_1016_j_jisa_2023_103501 crossref_primary_10_1016_j_cose_2023_103207 crossref_primary_10_1109_MNET_105_2100425 crossref_primary_10_22394_1726_1139_2022_2_123_138 crossref_primary_10_2139_ssrn_2467423 crossref_primary_10_1109_ACCESS_2020_3048839 crossref_primary_10_1002_spy2_73 crossref_primary_10_1007_s12243_020_00785_0 crossref_primary_10_1016_j_cose_2024_104137 crossref_primary_10_1109_ACCESS_2022_3191790 crossref_primary_10_3390_s21206814 crossref_primary_10_1002_ett_4876 crossref_primary_10_1016_j_knosys_2022_108709 crossref_primary_10_1080_08874417_2023_2185551 crossref_primary_10_1108_OCJ_03_2021_0006 crossref_primary_10_1109_ACCESS_2021_3051633 crossref_primary_10_1016_j_cose_2017_02_006 crossref_primary_10_1016_j_procs_2021_01_103 crossref_primary_10_31185_wjcm_48 crossref_primary_10_1080_23742917_2025_2454620 crossref_primary_10_1109_ACCESS_2024_3403197 crossref_primary_10_1109_TNSM_2020_3037050 crossref_primary_10_28925_2663_4023_2020_8_165173 crossref_primary_10_1016_j_bushor_2018_02_001 crossref_primary_10_1016_j_procs_2019_09_241 crossref_primary_10_1111_jpim_12545 |
| Cites_doi | 10.1080/19393550802623214 10.1037/h0025325 10.1080/01449290903121386 10.1007/978-3-662-44208-1_22 10.1037/h0047855 10.1080/00049537108254613 10.1108/09685220810920549 10.1201/1086.1065898X/46353.15.4.20060901/95427.3 10.1108/18347641211272731 10.1177/0146167205279904 10.1016/j.techsoc.2010.07.001 10.1080/0144929X.2013.763860 10.1016/j.dss.2003.11.004 10.1145/1290958.1290968 10.1177/0146167285111004 10.1016/j.cose.2015.09.001 10.1037/h0041109 |
| ContentType | Journal Article |
| Copyright | 2016 Elsevier Ltd Copyright Elsevier Sequoia S.A. Jun 2016 |
| Copyright_xml | – notice: 2016 Elsevier Ltd – notice: Copyright Elsevier Sequoia S.A. Jun 2016 |
| DBID | AAYXX CITATION 7SC 8FD JQ2 K7. L7M L~C L~D |
| DOI | 10.1016/j.cose.2016.03.004 |
| DatabaseName | CrossRef Computer and Information Systems Abstracts Technology Research Database ProQuest Computer Science Collection ProQuest Criminal Justice (Alumni) Advanced Technologies Database with Aerospace Computer and Information Systems Abstracts Academic Computer and Information Systems Abstracts Professional |
| DatabaseTitle | CrossRef ProQuest Criminal Justice (Alumni) Technology Research Database Computer and Information Systems Abstracts – Academic ProQuest Computer Science Collection Computer and Information Systems Abstracts Advanced Technologies Database with Aerospace Computer and Information Systems Abstracts Professional |
| DatabaseTitleList | ProQuest Criminal Justice (Alumni) Computer and Information Systems Abstracts |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science Engineering |
| EISSN | 1872-6208 |
| EndPage | 209 |
| ExternalDocumentID | 4050287571 10_1016_j_cose_2016_03_004 S0167404816300268 |
| Genre | Feature |
| GroupedDBID | --K --M -~X .DC .~1 0R~ 1B1 1RT 1~. 1~5 29F 4.4 457 4G. 5GY 5VS 7-5 71M 8P~ 9JN AACTN AAEDT AAEDW AAIAV AAIKJ AAKOC AALRI AAOAW AAQFI AAQXK AAXUO AAYFN ABBOA ABFSI ABMAC ABXDB ABYKQ ACDAQ ACGFO ACGFS ACNNM ACRLP ACZNC ADBBV ADEZE ADHUB ADJOM ADMUD AEBSH AEKER AENEX AFFNX AFKWA AFTJW AGHFR AGUBO AGYEJ AHHHB AHZHX AIALX AIEXJ AIKHN AITUG AJBFU AJOXV ALMA_UNASSIGNED_HOLDINGS AMFUW AMRAJ AOUOD ASPBG AVWKF AXJTR AZFZN BKOJK BKOMP BLXMC CS3 DU5 E.L EBS EFJIC EFLBG EJD EO8 EO9 EP2 EP3 FDB FEDTE FGOYB FIRID FNPLU FYGXN G-2 G-Q GBLVA GBOLZ HLX HLZ HVGLF HZ~ IHE J1W KOM LG8 LG9 M41 MO0 MS~ N9A O-L O9- OAUVE OZT P-8 P-9 P2P PC. PQQKQ Q38 R2- RIG RNS ROL RPZ RXW SBC SBM SDF SDG SDP SES SEW SPC SPCBC SSV SSZ T5K TAE TN5 TWZ WH7 WUQ XJE XPP XSW YK3 ZMT ~G- AATTM AAXKI AAYWO AAYXX ABJNI ABWVN ACRPL ACVFH ADCNI ADNMO AEIPS AEUPX AFJKZ AFPUW AFXIZ AGCQF AGQPQ AGRNS AIGII AIIUN AKBMS AKRWK AKYEP ANKPU APXCP BNPGV CITATION SSH 7SC 8FD EFKBS JQ2 K7. L7M L~C L~D |
| ID | FETCH-LOGICAL-c361t-13b91a030ccd591bed4d2beb558272a37e2305d1152b86609c7add5bd405c2203 |
| IEDL.DBID | AIKHN |
| ISSN | 0167-4048 |
| IngestDate | Thu Sep 04 16:57:56 EDT 2025 Fri Jul 25 04:59:23 EDT 2025 Thu Apr 24 23:05:00 EDT 2025 Tue Jul 01 03:48:13 EDT 2025 Fri Feb 23 02:33:37 EST 2024 |
| IsPeerReviewed | true |
| IsScholarly | true |
| Keywords | Unidirectional communication Social engineering attack framework Bidirectional communication Social engineering Social engineering attack detection model Social engineering attack templates Social engineering attack examples Indirect communication Mitnick's attack cycle Social engineering attack scenario |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-c361t-13b91a030ccd591bed4d2beb558272a37e2305d1152b86609c7add5bd405c2203 |
| Notes | SourceType-Scholarly Journals-1 ObjectType-Feature-1 content type line 14 ObjectType-Article-1 ObjectType-Feature-2 content type line 23 |
| ORCID | 0000-0001-8804-7601 |
| PQID | 1787762304 |
| PQPubID | 46289 |
| PageCount | 24 |
| ParticipantIDs | proquest_miscellaneous_1816031155 proquest_journals_1787762304 crossref_citationtrail_10_1016_j_cose_2016_03_004 crossref_primary_10_1016_j_cose_2016_03_004 elsevier_sciencedirect_doi_10_1016_j_cose_2016_03_004 |
| ProviderPackageCode | CITATION AAYXX |
| PublicationCentury | 2000 |
| PublicationDate | June 2016 2016-06-00 20160601 |
| PublicationDateYYYYMMDD | 2016-06-01 |
| PublicationDate_xml | – month: 06 year: 2016 text: June 2016 |
| PublicationDecade | 2010 |
| PublicationPlace | Amsterdam |
| PublicationPlace_xml | – name: Amsterdam |
| PublicationTitle | Computers & security |
| PublicationYear | 2016 |
| Publisher | Elsevier Ltd Elsevier Sequoia S.A |
| Publisher_xml | – name: Elsevier Ltd – name: Elsevier Sequoia S.A |
| References | Ivaturi, Janczewski (bib0130) 2011 Mohd Foozy, Ahmad, Abdollah, Yusof, Mas'ud (bib0205) 2011 Mouton, Malan, Kimppa, Venter (bib0235) 2015; 55 Jagatic, Johnson, Jakobsson, Menczer (bib0135) 2007; 50 Peltier (bib0250) 2006; 15 Tetri, Vuorinen (bib0290) 2013; 32 Major (bib0195) 2009; 18 Åhlfeldt, Backlund, Wangler, Söderström (bib0015) 2005 Mouton, Malan, Venter (bib0215) 2013 Brody, Brizzee, Cano (bib0030) 2012; 20 Greitzer, Strozer, Cohen, Bergey, Cowley, Moore (bib0090) 2014 Long (bib0185) 2011 Hadnagy (bib0100) 2010 Hamill, Deckro, Kloeber (bib0105) 2005; 39 Lott, Lott (bib0190) 1961; 62 Tam, Glassman, Vandenwauver (bib0285) 2010; 29 Esmail (bib0070) 2015; 6 Stasiukonis (bib0275) 2006 Workman (bib0300) 2008; 16 Dimkov, van Cleeff, Pieters, Hartel (bib0060) 2010 Mouton, Leenen, Malan, Venter (bib0220) 2014 Schrittwieser, Frühwirt, Kieseberg, Leithner, Mulazzani, Huber (bib0265) 2012 Jetten, Hornsey, Adarves-Yorno (bib0150) 2006; 32 Gruschka, Jensen (bib0095) 2010 Rao, Nayak (bib0255) 2014 CERT Insider Threat Team (bib0040) 2013 Mitnick, Simon (bib0200) 2002 Nohlberg (bib0240) 2008 Mouton, Leenen, Venter (bib0230) 2015 Abraham, Chengalur-Smith (bib0010) 2010; 32 Bader, Anjomshoaa, Tjoa (bib0020) 2010 Krombholz, Hobel, Huber, Weippl (bib0170) 2013 Kieseberg, Leithner, Mulazzani, Munroe, Schrittwieser, Sinha (bib0160) 2010 Salem, Hossain, Kamala (bib0260) 2010 Mouton, Malan, Venter (bib0210) 2012 Granger (bib0080) 2001 Dittes, Kelley (bib0065) 1956; 53 Jahankhani (bib0140) 2012; 7 Brainard, Juels, Rivest, Szydlo, Yung (bib0025) 2006 Janczewski, Fu (bib0145) 2010 Symantec Security Response (bib0280) 2014 Dang (bib0055) 2008; 1 Laribee (bib0175) 2006 Hill (bib0115) 1971; 23 Gerard, Wilhelmy, Conolley (bib0075) 1968; 8 Zeltser (bib0305) 2009 Harley (bib0110) 1998 Brown, Howe, Ihbe, Prakash, Borders (bib0035) 2008 Greitzer, Strozer, Cohen, Moore, Mundie, Cowley (bib0085) 2014 Culpepper (bib0050) 2004 Lenkart (bib0180) 2011 Mouton, Malan, Leenen, Venter (bib0225) 2014 Noy, McGuinness (bib0245) 2001 CERT Insider Threat Team (bib0045) 2014 Simon (bib0270) 1957 Irani, Balduzzi, Balzarotti, Kirda, Pu (bib0125) 2011 Jodeit, Johns (bib0155) 2010 Thornburgh (bib0295) 2004 Insko, Smith, Alicke, Wade, Taylor (bib0120) 1985; 11 Kingsley Ezechi (bib0165) 2011 Dang (10.1016/j.cose.2016.03.004_bib0055) 2008; 1 Jagatic (10.1016/j.cose.2016.03.004_bib0135) 2007; 50 CERT Insider Threat Team (10.1016/j.cose.2016.03.004_bib0040) Noy (10.1016/j.cose.2016.03.004_bib0245) 2001 Harley (10.1016/j.cose.2016.03.004_bib0110) 1998 Jetten (10.1016/j.cose.2016.03.004_bib0150) 2006; 32 Stasiukonis (10.1016/j.cose.2016.03.004_bib0275) Dimkov (10.1016/j.cose.2016.03.004_bib0060) Long (10.1016/j.cose.2016.03.004_bib0185) 2011 Lott (10.1016/j.cose.2016.03.004_bib0190) 1961; 62 Schrittwieser (10.1016/j.cose.2016.03.004_bib0265) 2012 Bader (10.1016/j.cose.2016.03.004_bib0020) 2010 Dittes (10.1016/j.cose.2016.03.004_bib0065) 1956; 53 Mouton (10.1016/j.cose.2016.03.004_bib0210) 2012 Kingsley Ezechi (10.1016/j.cose.2016.03.004_bib0165) Rao (10.1016/j.cose.2016.03.004_bib0255) 2014 Salem (10.1016/j.cose.2016.03.004_bib0260) 2010 Symantec Security Response (10.1016/j.cose.2016.03.004_bib0280) Insko (10.1016/j.cose.2016.03.004_bib0120) 1985; 11 CERT Insider Threat Team (10.1016/j.cose.2016.03.004_bib0045) Mouton (10.1016/j.cose.2016.03.004_bib0215) 2013 Workman (10.1016/j.cose.2016.03.004_bib0300) 2008; 16 Mohd Foozy (10.1016/j.cose.2016.03.004_bib0205) 2011 Simon (10.1016/j.cose.2016.03.004_bib0270) 1957 Tam (10.1016/j.cose.2016.03.004_bib0285) 2010; 29 Granger (10.1016/j.cose.2016.03.004_bib0080) Nohlberg (10.1016/j.cose.2016.03.004_bib0240) 2008 Jodeit (10.1016/j.cose.2016.03.004_bib0155) 2010 Mouton (10.1016/j.cose.2016.03.004_bib0220) 2014 Zeltser (10.1016/j.cose.2016.03.004_bib0305) Hill (10.1016/j.cose.2016.03.004_bib0115) 1971; 23 Janczewski (10.1016/j.cose.2016.03.004_bib0145) 2010 Gerard (10.1016/j.cose.2016.03.004_bib0075) 1968; 8 Hadnagy (10.1016/j.cose.2016.03.004_bib0100) 2010 Irani (10.1016/j.cose.2016.03.004_bib0125) 2011 Mitnick (10.1016/j.cose.2016.03.004_bib0200) 2002 Abraham (10.1016/j.cose.2016.03.004_bib0010) 2010; 32 Krombholz (10.1016/j.cose.2016.03.004_bib0170) Esmail (10.1016/j.cose.2016.03.004_bib0070) 2015; 6 Mouton (10.1016/j.cose.2016.03.004_bib0235) 2015; 55 Brown (10.1016/j.cose.2016.03.004_bib0035) Hamill (10.1016/j.cose.2016.03.004_bib0105) 2005; 39 Laribee (10.1016/j.cose.2016.03.004_bib0175) 2006 Major (10.1016/j.cose.2016.03.004_bib0195) 2009; 18 Brainard (10.1016/j.cose.2016.03.004_bib0025) Culpepper (10.1016/j.cose.2016.03.004_bib0050) 2004 Kieseberg (10.1016/j.cose.2016.03.004_bib0160) Lenkart (10.1016/j.cose.2016.03.004_bib0180) Ivaturi (10.1016/j.cose.2016.03.004_bib0130) 2011 Åhlfeldt (10.1016/j.cose.2016.03.004_bib0015) 2005 Mouton (10.1016/j.cose.2016.03.004_bib0230) 2015 Peltier (10.1016/j.cose.2016.03.004_bib0250) 2006; 15 Tetri (10.1016/j.cose.2016.03.004_bib0290) 2013; 32 Greitzer (10.1016/j.cose.2016.03.004_bib0085) 2014 Greitzer (10.1016/j.cose.2016.03.004_bib0090) 2014 Mouton (10.1016/j.cose.2016.03.004_bib0225) 2014 Jahankhani (10.1016/j.cose.2016.03.004_bib0140) 2012; 7 Thornburgh (10.1016/j.cose.2016.03.004_bib0295) Brody (10.1016/j.cose.2016.03.004_bib0030) 2012; 20 Gruschka (10.1016/j.cose.2016.03.004_bib0095) |
| References_xml | – year: 2012 ident: bib0265 article-title: Guess who's texting you? Evaluating the security of smartphone messaging applications – volume: 29 start-page: 233 year: 2010 end-page: 244 ident: bib0285 article-title: The psychology of password management: a tradeoff between security and convenience publication-title: Behav Inf Technol – year: 2006 ident: bib0175 article-title: Development of methodical social engineering taxonomy project – volume: 50 start-page: 94 year: 2007 end-page: 100 ident: bib0135 article-title: Social phishing publication-title: Commun ACM – start-page: 46 year: 2010 end-page: 52 ident: bib0155 article-title: USB device drivers: a stepping stone into your kernel – year: 2006 ident: bib0275 article-title: Social engineering, the usb way – year: 2010 ident: bib0020 article-title: Privacy aspects of mashup architecture – volume: 20 start-page: 335 year: 2012 end-page: 347 ident: bib0030 article-title: Flying under the radar: social engineering publication-title: Int J Account Inf Manage – volume: 7 start-page: 79 year: 2012 end-page: 90 ident: bib0140 article-title: The behaviour and perceptions of on-line consumers: risk, risk perception and trust publication-title: Int J Inf Sci Manage – start-page: 1418 year: 2010 end-page: 1423 ident: bib0260 article-title: Awareness program and AI based tool to reduce risk of phishing attacks – volume: 32 start-page: 1014 year: 2013 end-page: 1023 ident: bib0290 article-title: Dissecting social engineering publication-title: Behav Inf Technol – year: 1957 ident: bib0270 article-title: Models of man; social and rational – volume: 6 year: 2015 ident: bib0070 article-title: eps1.5_br4ve-trave1er.asf , mr. Robot: Season 1 publication-title: Episode – volume: 1 start-page: 4 year: 2008 end-page: 9 ident: bib0055 article-title: The origins of social engineering publication-title: McAfee Secur J – year: 2013 ident: bib0170 article-title: Social engineering attacks on the knowledge worker – year: 2009 ident: bib0305 article-title: Malware infection that began with windshield fliers – year: 2008 ident: bib0240 article-title: Securing information assets: understanding, measuring and protecting against social engineering attacks – year: 2011 ident: bib0185 article-title: No tech hacking: a guide to social engineering, dumpster diving, and shoulder surfing – year: 2014 ident: bib0045 article-title: Unintentional insider threats: social engineering – start-page: 236 year: 2014 end-page: 250 ident: bib0085 article-title: Analysis of unintentional insider threats deriving from social engineering exploits – start-page: 216 year: 2015 end-page: 223 ident: bib0230 article-title: Social engineering attack detection model: SEADMv2 – start-page: 847 year: 2010 end-page: 853 ident: bib0145 article-title: Social engineering-based attacks: model and New Zealand perspective – year: 2010 ident: bib0100 article-title: Social engineering: the art of human hacking – year: 2002 ident: bib0200 article-title: The art of deception: controlling the human element of security – volume: 39 start-page: 463 year: 2005 end-page: 484 ident: bib0105 article-title: Evaluating information assurance strategies publication-title: Decis Support Syst – year: 2006 ident: bib0025 article-title: Fourth-factor authentication: somebody you know – start-page: 55 year: 2011 end-page: 74 ident: bib0125 article-title: Reverse social engineering attacks in online social networks publication-title: Detection of intrusions and malware, and vulnerability assessment, vol. 6739 of lecture notes in computer science – year: 2011 ident: bib0180 article-title: The vulnerability of social networking media and the insider threat new eyes for bad guys – volume: 32 start-page: 162 year: 2006 end-page: 173 ident: bib0150 article-title: When group members admit to being conformist: the role of relative intragroup status in conformity self-reports publication-title: Pers Soc Psychol Bull – volume: 32 start-page: 183 year: 2010 end-page: 196 ident: bib0010 article-title: An overview of social engineering malware: trends, tactics, and implications publication-title: Technol Soc – volume: 55 start-page: 114 year: 2015 end-page: 127 ident: bib0235 article-title: Necessity for ethics in social engineering research publication-title: Comput Secur – start-page: 2025 year: 2014 end-page: 2034 ident: bib0090 article-title: Unintentional insider threat: contributing factors, observables, and mitigation strategies – start-page: 40 year: 2012 end-page: 51 ident: bib0210 article-title: Development of cognitive functioning psychological measures for the SEADM – year: 2004 ident: bib0050 article-title: Effectiveness of using red teams to identify maritime security vulnerabilities to terrorist attack – start-page: 266 year: 2014 end-page: 279 ident: bib0220 article-title: Towards an ontological model defining the social engineering domain publication-title: ICT and society, vol. 431 of IFIP advances in information and communication technology – year: 2011 ident: bib0165 article-title: Detecting and combating malware – volume: 8 start-page: 79 year: 1968 end-page: 82 ident: bib0075 article-title: Conformity and group size publication-title: J Pers Soc Psychol – volume: 18 start-page: 40 year: 2009 end-page: 46 ident: bib0195 article-title: Social engineering: hacking the wetware! publication-title: Inf Secur J Global Persp – start-page: 1 year: 2014 end-page: 9 ident: bib0225 article-title: Social engineering attack framework – volume: 23 start-page: 189 year: 1971 end-page: 199 ident: bib0115 article-title: Peer group conformity in adolescent smoking and its relationship to affiliation and autonomy needs publication-title: Aust J Psychol – volume: 16 start-page: 463 year: 2008 end-page: 483 ident: bib0300 article-title: A test of interventions for security threats from social engineering publication-title: Inf Manage Comput Secur – start-page: 1 year: 2011 end-page: 7 ident: bib0205 article-title: Generic taxonomy of social engineering attack – start-page: 1 year: 2013 end-page: 8 ident: bib0215 article-title: Social engineering from a normative ethics perspective – year: 2001 ident: bib0245 article-title: Ontology development 101: a guide to creating your first ontology – volume: 53 start-page: 100 year: 1956 end-page: 107 ident: bib0065 article-title: Effects of different conditions of acceptance upon conformity to group norms publication-title: J Abnorm Soc Psychol – year: 2010 ident: bib0095 article-title: Attack surfaces: a taxonomy for attacks on cloud services – start-page: 1 year: 2005 end-page: 4 ident: bib0015 article-title: Security issues in health care process integration? A research-in-progress report – year: 2010 ident: bib0160 article-title: QR code security – volume: 11 start-page: 41 year: 1985 end-page: 50 ident: bib0120 article-title: Conformity and group size the concern with being right and the concern with being liked publication-title: Pers Soc Psychol Bull – year: 2004 ident: bib0295 article-title: Social engineering: the “dark art” – start-page: 1 year: 2011 end-page: 12 ident: bib0130 article-title: A taxonomy for social engineering attacks – year: 2013 ident: bib0040 article-title: Unintentional insider threats: a foundational study – year: 2001 ident: bib0080 article-title: Social engineering fundamentals, part i: Hacker tactics – year: 2010 ident: bib0060 article-title: Two methodologies for physical penetration testing using social engineering – start-page: 307 year: 2014 end-page: 323 ident: bib0255 article-title: Social engineering publication-title: The InfoSec handbook – year: 2008 ident: bib0035 article-title: Social networks and context-aware spam – year: 2014 ident: bib0280 article-title: Francophoned? a sophisticated social engineering attack – start-page: 4 year: 1998 end-page: 29 ident: bib0110 article-title: Re-floating the titanic: dealing with social engineering attacks – volume: 62 start-page: 408 year: 1961 end-page: 412 ident: bib0190 article-title: Group cohesiveness, communication level, and conformity publication-title: J Abnorm Soc Psychol – volume: 15 start-page: 13 year: 2006 end-page: 21 ident: bib0250 article-title: Social engineering: concepts and solutions publication-title: Inf Syst Secur – volume: 18 start-page: 40 issue: 1 year: 2009 ident: 10.1016/j.cose.2016.03.004_bib0195 article-title: Social engineering: hacking the wetware! publication-title: Inf Secur J Global Persp doi: 10.1080/19393550802623214 – year: 2004 ident: 10.1016/j.cose.2016.03.004_bib0050 – volume: 8 start-page: 79 issue: 1p1 year: 1968 ident: 10.1016/j.cose.2016.03.004_bib0075 article-title: Conformity and group size publication-title: J Pers Soc Psychol doi: 10.1037/h0025325 – volume: 29 start-page: 233 issue: 3 year: 2010 ident: 10.1016/j.cose.2016.03.004_bib0285 article-title: The psychology of password management: a tradeoff between security and convenience publication-title: Behav Inf Technol doi: 10.1080/01449290903121386 – start-page: 40 year: 2012 ident: 10.1016/j.cose.2016.03.004_bib0210 – ident: 10.1016/j.cose.2016.03.004_bib0045 – ident: 10.1016/j.cose.2016.03.004_bib0060 – start-page: 266 year: 2014 ident: 10.1016/j.cose.2016.03.004_bib0220 article-title: Towards an ontological model defining the social engineering domain doi: 10.1007/978-3-662-44208-1_22 – year: 2011 ident: 10.1016/j.cose.2016.03.004_bib0185 – year: 2008 ident: 10.1016/j.cose.2016.03.004_bib0240 – volume: 53 start-page: 100 issue: 1 year: 1956 ident: 10.1016/j.cose.2016.03.004_bib0065 article-title: Effects of different conditions of acceptance upon conformity to group norms publication-title: J Abnorm Soc Psychol doi: 10.1037/h0047855 – start-page: 46 year: 2010 ident: 10.1016/j.cose.2016.03.004_bib0155 – year: 2006 ident: 10.1016/j.cose.2016.03.004_bib0175 – start-page: 55 year: 2011 ident: 10.1016/j.cose.2016.03.004_bib0125 article-title: Reverse social engineering attacks in online social networks – year: 2002 ident: 10.1016/j.cose.2016.03.004_bib0200 – start-page: 1 year: 2011 ident: 10.1016/j.cose.2016.03.004_bib0130 – volume: 23 start-page: 189 issue: 2 year: 1971 ident: 10.1016/j.cose.2016.03.004_bib0115 article-title: Peer group conformity in adolescent smoking and its relationship to affiliation and autonomy needs publication-title: Aust J Psychol doi: 10.1080/00049537108254613 – volume: 16 start-page: 463 issue: 5 year: 2008 ident: 10.1016/j.cose.2016.03.004_bib0300 article-title: A test of interventions for security threats from social engineering publication-title: Inf Manage Comput Secur doi: 10.1108/09685220810920549 – ident: 10.1016/j.cose.2016.03.004_bib0095 – volume: 15 start-page: 13 issue: 5 year: 2006 ident: 10.1016/j.cose.2016.03.004_bib0250 article-title: Social engineering: concepts and solutions publication-title: Inf Syst Secur doi: 10.1201/1086.1065898X/46353.15.4.20060901/95427.3 – volume: 20 start-page: 335 issue: 4 year: 2012 ident: 10.1016/j.cose.2016.03.004_bib0030 article-title: Flying under the radar: social engineering publication-title: Int J Account Inf Manage doi: 10.1108/18347641211272731 – start-page: 1 year: 2014 ident: 10.1016/j.cose.2016.03.004_bib0225 – ident: 10.1016/j.cose.2016.03.004_bib0280 – year: 2012 ident: 10.1016/j.cose.2016.03.004_bib0265 – ident: 10.1016/j.cose.2016.03.004_bib0040 – year: 2010 ident: 10.1016/j.cose.2016.03.004_bib0100 – start-page: 307 year: 2014 ident: 10.1016/j.cose.2016.03.004_bib0255 article-title: Social engineering – start-page: 236 year: 2014 ident: 10.1016/j.cose.2016.03.004_bib0085 – volume: 32 start-page: 162 issue: 2 year: 2006 ident: 10.1016/j.cose.2016.03.004_bib0150 article-title: When group members admit to being conformist: the role of relative intragroup status in conformity self-reports publication-title: Pers Soc Psychol Bull doi: 10.1177/0146167205279904 – ident: 10.1016/j.cose.2016.03.004_bib0025 – start-page: 2025 year: 2014 ident: 10.1016/j.cose.2016.03.004_bib0090 – start-page: 1 year: 2005 ident: 10.1016/j.cose.2016.03.004_bib0015 – volume: 1 start-page: 4 issue: 1 year: 2008 ident: 10.1016/j.cose.2016.03.004_bib0055 article-title: The origins of social engineering publication-title: McAfee Secur J – start-page: 4 year: 1998 ident: 10.1016/j.cose.2016.03.004_bib0110 – start-page: 1 year: 2011 ident: 10.1016/j.cose.2016.03.004_bib0205 – year: 1957 ident: 10.1016/j.cose.2016.03.004_bib0270 – start-page: 216 year: 2015 ident: 10.1016/j.cose.2016.03.004_bib0230 – volume: 6 year: 2015 ident: 10.1016/j.cose.2016.03.004_bib0070 article-title: eps1.5_br4ve-trave1er.asf , mr. Robot: Season 1 publication-title: Episode – volume: 32 start-page: 183 issue: 3 year: 2010 ident: 10.1016/j.cose.2016.03.004_bib0010 article-title: An overview of social engineering malware: trends, tactics, and implications publication-title: Technol Soc doi: 10.1016/j.techsoc.2010.07.001 – volume: 32 start-page: 1014 issue: 10 year: 2013 ident: 10.1016/j.cose.2016.03.004_bib0290 article-title: Dissecting social engineering publication-title: Behav Inf Technol doi: 10.1080/0144929X.2013.763860 – ident: 10.1016/j.cose.2016.03.004_bib0305 – volume: 39 start-page: 463 issue: 3 year: 2005 ident: 10.1016/j.cose.2016.03.004_bib0105 article-title: Evaluating information assurance strategies publication-title: Decis Support Syst doi: 10.1016/j.dss.2003.11.004 – ident: 10.1016/j.cose.2016.03.004_bib0035 – start-page: 1 year: 2013 ident: 10.1016/j.cose.2016.03.004_bib0215 – start-page: 847 year: 2010 ident: 10.1016/j.cose.2016.03.004_bib0145 – ident: 10.1016/j.cose.2016.03.004_bib0180 – start-page: 1418 year: 2010 ident: 10.1016/j.cose.2016.03.004_bib0260 – ident: 10.1016/j.cose.2016.03.004_bib0295 – volume: 50 start-page: 94 issue: 10 year: 2007 ident: 10.1016/j.cose.2016.03.004_bib0135 article-title: Social phishing publication-title: Commun ACM doi: 10.1145/1290958.1290968 – ident: 10.1016/j.cose.2016.03.004_bib0160 – volume: 11 start-page: 41 issue: 1 year: 1985 ident: 10.1016/j.cose.2016.03.004_bib0120 article-title: Conformity and group size the concern with being right and the concern with being liked publication-title: Pers Soc Psychol Bull doi: 10.1177/0146167285111004 – ident: 10.1016/j.cose.2016.03.004_bib0275 – year: 2010 ident: 10.1016/j.cose.2016.03.004_bib0020 – volume: 7 start-page: 79 issue: 1 year: 2012 ident: 10.1016/j.cose.2016.03.004_bib0140 article-title: The behaviour and perceptions of on-line consumers: risk, risk perception and trust publication-title: Int J Inf Sci Manage – volume: 55 start-page: 114 year: 2015 ident: 10.1016/j.cose.2016.03.004_bib0235 article-title: Necessity for ethics in social engineering research publication-title: Comput Secur doi: 10.1016/j.cose.2015.09.001 – ident: 10.1016/j.cose.2016.03.004_bib0080 – ident: 10.1016/j.cose.2016.03.004_bib0170 – ident: 10.1016/j.cose.2016.03.004_bib0165 – volume: 62 start-page: 408 issue: 2 year: 1961 ident: 10.1016/j.cose.2016.03.004_bib0190 article-title: Group cohesiveness, communication level, and conformity publication-title: J Abnorm Soc Psychol doi: 10.1037/h0041109 – year: 2001 ident: 10.1016/j.cose.2016.03.004_bib0245 |
| SSID | ssj0017688 |
| Score | 2.4610107 |
| Snippet | The field of information security is a fast-growing discipline. Even though the effectiveness of security measures to protect sensitive information is... |
| SourceID | proquest crossref elsevier |
| SourceType | Aggregation Database Enrichment Source Index Database Publisher |
| StartPage | 186 |
| SubjectTerms | Bidirectional communication Computer information security Data integrity Engineering Human Indirect communication Intrusion detection systems Leaking of information Links Manipulation Mapping Mitnick's attack cycle Social engineering Social engineering attack detection model Social engineering attack examples Social engineering attack framework Social engineering attack scenario Social engineering attack templates Studies Unidirectional communication |
| Title | Social engineering attack examples, templates and scenarios |
| URI | https://dx.doi.org/10.1016/j.cose.2016.03.004 https://www.proquest.com/docview/1787762304 https://www.proquest.com/docview/1816031155 |
| Volume | 59 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV1NS8QwEB3W9eLFb_GbCN60bpM03QZPIi6rohcVvIU0iaAuXXFX8ORvd2abrijowUuhTULLNPMyIW_eAOxzabOcP2SJfuAuwRXfJtpajXM5DTKgazpOicJX13n_Lru4V_ctOG1yYYhWGbG_xvQJWscnnWjNzsvjY-dmQqAnuRNSjRJ5MQOzQupctWH25Pyyfz09TMCIuphKfOOAmDtT07yIFk4Mr7zWOs1-W59-IPVk-ektwnyMG9lJ_WlL0ArVMiw0NRlYdNEVOK7zbVn40hlkdjy27pmFd0tSwKNDRnpUAwoyma08Iz0n3DEPR6tw1zu7Pe0nsUBC4mTOqYx8qblFN3XOK83L4DMvylAqVYiusLIbcIOhPAZ9oizyPNWui3CmSo9RmhMilWvQroZVWAdGGxuhCu_TTGZ4sWUqghVeSyWtFt0N4I1ZjIvq4VTEYmAamtiTIVMaMqVJpUFTbsDBdMxLrZ3xZ2_VWNt8mwEGwf3PcdvNrzHR_0aGIw4hzEtq3ps2o-fQcYitwvAN-xSTEtsYUG3-89VbMEd3NXNsG9rj17ewgzHKuNyFmaMPvhtn4ifZSuNs |
| linkProvider | Elsevier |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV07T8MwELagDLDwRjwKGIkNQmM7zkNMCFGVR7sAUjfLsV2Jh1JEW4mJ385d4hSBRAeWDLGtRGff57P83XeEHDOho5gNoiAbMBPAjq-DTOsM1nLohAPXNAwThbu9uPMY3fRlf45c1rkwSKv02F9heonW_k3LW7P19vTUui8J9Ch3gqpRPE7nyUIkRYK8vrPPKc-DQTydTgW-obvPnKlIXkgKR35XXCmdRn_tTr9wutx82qtk2UeN9KL6sTUy54p1slJXZKDeQTfIeZVtS923yiDV47E2L9R9aBQCHp1SVKN6xRCT6sJSVHOC8_JwtEke21cPl53Al0cIjIgZFpHPM6bBSY2xMmO5s5HluculTHnCtUgcHC-khZCP52kch5lJAMxkbiFGM5yHYos0imHhtgnFYw2XqbVhJCJ46DzkTnObCSl0xpMdwmqzKOO1w7GExauqSWLPCk2p0JQqFApMuUNOpmPeKuWMmb1lbW31Y_4VQPvMcc16apT3vpFigEIA8gKbj6bN4Dd4GaILN5xAn7QssA3h1O4_P31IFjsP3Tt1d9273SNL2FJxyJqkMX6fuH2IVsb5QbkavwC_f-Q3 |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Social+engineering+attack+examples%2C+templates+and+scenarios&rft.jtitle=Computers+%26+security&rft.au=Mouton%2C+Francois&rft.au=Leenen%2C+Louise&rft.au=Venter%2C+HS&rft.date=2016-06-01&rft.pub=Elsevier+Sequoia+S.A&rft.issn=0167-4048&rft.eissn=1872-6208&rft.volume=59&rft.spage=186&rft_id=info:doi/10.1016%2Fj.cose.2016.03.004&rft.externalDBID=NO_FULL_TEXT&rft.externalDocID=4050287571 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=0167-4048&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=0167-4048&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=0167-4048&client=summon |