Social engineering in phishing attacks in the eastern province of saudi arabia

Jaafar M. Alghazo, Zafar Kazimi

Research output: Contribution to journalArticlepeer-review

4 Scopus citations

Abstract

Many tools are used for phishing. Despite the different tools used in phishing, the key element involves convincing the user to give away their information willingly. In this study, researchers conducted an experiment ona small population of university students in the Eastern Province of Saudi Arabia. A group of 200 university students who had eBay accounts were recruited for the experiment. The experiment included designing a replica website for an online business and hosting it over the intranet. The students clicked on a desktop icon based on instructions from their trusted instructor and the icon took them to a phishing website where the students were asked to log in. The results indicate that 90% of the users who logged onto the website recognized only the look and feel of the login page and did not pay attention to important details such as the URL and the security features ofthe login page. Another important result showed that combining social engineering with phishing enhanced the experiment and influenced the user's perception of the fake website. The social engineering involved a trusted instructor who influenced their trust in the authenticity of the website.

Original languageEnglish (US)
Pages (from-to)91-98
Number of pages8
JournalAsian Journal of Information Technology
Volume12
Issue number3
DOIs
StatePublished - 2013
Externally publishedYes

Keywords

  • Cross-SiteScripting (XSS)
  • Ebay
  • Man in the middle attack (MITM)
  • Phishing
  • Social engineering

Fingerprint

Dive into the research topics of 'Social engineering in phishing attacks in the eastern province of saudi arabia'. Together they form a unique fingerprint.

Cite this