Are You a Soft Target for Cyber Attack? Drivers of
Susceptibility to Social Engineering-Based Cyber Attack (SECA): A Case Study of Mobile Messaging Application

As mobile devices and social media applications continue to dominate internet connectivity, social engineering-based cyber attacks (SECA) have similarly risen. Despite large research and technological advancements securing the cyberspace, social engineering-based cyber attacks remain one one of the easiest cyber attacks to execute. This study evaluated how an individual’s habits contributed or did not contribute to their SECA vulnerability through social media. The study utilized phishing, clickjacking, and malware as different cyber attacks the individuals underwent. By sending participants 6 scenarios of different SECA attacks, respondents ranked their likelihood of falling for the presented scam. The authors hypothesized that the more active the person was in a social network, higher trust using social media my increase a person’s potential to fall victim to the manipulation. Results suggest that three characteristics contribute most to the susceptibility to a SECA: Habitual perspective, risk perception, cyberattack experience. Both habitual perspective and cyber attack experience correlated with a greater susceptibility to a social engineering-based cyberattack, as the individual had increased connectivity. History of previous cyberattack exposure correlated to greater SECA vulnerability. IT experience does not decrease one’s susceptibility to a SECA because social engineering-based cyberattacks rely on personal manipulation to carry out an attack. Conclusions from this study include better education and awareness of socially engineered cyberattacks and more rigorous policy focused specially on SECA.