Social engineering is a real threat to industries in this day and age, even though its severity is extremely downplayed. The difficulty with social engineering attacks is mostly the ability to identify them. Social engineers often target call centre employees, as they are normally underpaid, under-skilled and have limited knowledge about the information technology infrastructure. These employees are, thus, seen as easy targets by the social engineer. This paper improves on a previously-proposed model, Social Engineering Attack Detection Model (SEADM), by proposing and incorporating a cognitive functioning psychological measure in order to determine the emotional state and decision-making ability of the call centre employee. The cognitive analysis combined with the social engineering attack detection model provides one with a quick and effective way to determine whether the requester is trying to manipulate an individual into disclosing information for which the requester does not have authorization.
Reference:
Mouton, F, Malan, MM and Venter, HS. 2012. Development of cognitive functioning psychological measures for the SEADM. 6th International Symposium on Human Aspects of Information Security & Assurance, Crete, Greece, 6-8 June 2012
Mouton, F., Malan, M., & Venter, H. (2012). Development of cognitive functioning psychological measures for the SEADM. http://hdl.handle.net/10204/6489
Mouton, F, MM Malan, and HS Venter. "Development of cognitive functioning psychological measures for the SEADM." (2012): http://hdl.handle.net/10204/6489
Mouton F, Malan M, Venter H, Development of cognitive functioning psychological measures for the SEADM; 2012. http://hdl.handle.net/10204/6489 .
