Review OSINT tool for social engineering

In recent years, we observed an increase in cyber threats, especially social engineering attacks. By social engineering, we mean a set of techniques and tools to collect information about a person or target to extort sensitive information. Such information might be used for (industrial) espionage, to blackmail the user, or represent the starting point to perform malicious cyber attacks against the individual or, more often, against the organization they work for. The human factor is often the most vulnerable element in the security of any system, and the mass of information we disseminate online largely facilitates social engineering activities. To prevent and mitigate social engineering attacks, Open Source INTelligence (OSINT) techniques and tools can be used to evaluate the level of exposition of an individual or an organization. OSINT is the collection of information through open sources, that is, sources not protected by copyright or privacy. The article reviews the main OSINT tools for countering and preventing social engineering attacks. Specifically, it proposes the different tools diving them accordingly to the specific information they allow to track (e-mail, social profiles, phone numbers, etc.).

Many phish in the C $\mathcal{C}$ : A coexisting-choice-criteria model of security behavior

Normative decision theory proves inadequate for modeling human responses to the social-engineering campaigns of advanced persistent threat (APT) attacks. Behavioral decision theory fares better, but still falls short of capturing social-engineering attack vectors which operate through emotions and peripheral-route persuasion. We introduce a generalized decision theory, under which any decision will be made according to one of multiple coexisting choice criteria. We denote the set of possible choice criteria by C $\mathcal {C}$ . Thus, the proposed model reduces to conventional Expected Utility theory when| C EU | = 1 $|\mathcal {C}_{\text{EU}}|=1$ , while Dual-Process (thinking fast vs. thinking slow) decision making corresponds to a model with| C DP | = 2 $|\mathcal {C}_{\text{DP}}|=2$ . We consider a more general case with| C | ≥ 2 $|\mathcal {C}|\ge 2$ , which necessitates careful consideration of how, for a particular choice-task instance, one criterion comes to prevail over others. We operationalize this with a probability distribution that is conditional upon traits of the decisionmaker as well as upon the context and the framing of choice options. Whereas existing signal detection theory (SDT) models of phishing detection commingle the different peripheral-route persuasion pathways, in the present descriptive generalization the different pathways are explicitly identified and represented. A number of implications follow immediately from this formulation, ranging from the conditional nature of security-breach risk to delineation of the prerequisites for valid tests of security training. Moreover, the model explains the "stepping-stone" penetration pattern of APT attacks, which has confounded modeling approaches based on normative rationality.

How Perceptions of Caller Honesty Vary During Vishing Attacks That Include Highly Sensitive or Seemingly Innocuous Requests

OBJECTIVE

To understand how aspects of vishing calls (phishing phone calls) influence perceived visher honesty.

BACKGROUND

Little is understood about how targeted individuals behave during vishing attacks. According to truth-default theory, people assume others are being honest until something triggers their suspicion. We investigated whether that was true during vishing attacks.

METHODS

Twenty-four participants read written descriptions of eight real-world vishing calls. Half included highly sensitive requests; the remainder included seemingly innocuous requests. Participants rated visher honesty at multiple points during conversations.

RESULTS

Participants initially perceived vishers to be honest. Honesty ratings decreased before requests occurred. Honesty ratings decreased further in response to highly sensitive requests, but not seemingly innocuous requests. Honesty ratings recovered somewhat, but only after highly sensitive requests.

CONCLUSIONS

The present results revealed five important insights: (1) people begin vishing conversations in the truth-default state, (2) certain aspects of vishing conversations serve as triggers, (3) other aspects of vishing conversations do not serve as triggers, (4) in certain situations, people's perceptions of visher honesty improve, and, more generally, (5) truth-default theory may be a useful tool for understanding how targeted individuals behave during vishing attacks.

APPLICATION

Those developing systems that help users deal with suspected vishing attacks or penetration testing plans should consider (1) targeted individuals' truth-bias, (2) the influence of visher demeanor on the likelihood of deception detection, (3) the influence of fabricated situations surrounding vishing requests on the likelihood of deception detection, and (4) targeted individuals' lack of concern about seemingly innocuous requests.

Cyber security threats: A never-ending challenge for e-commerce

This study explores the challenge of cyber security threats that e-commerce technology and business are facing. Technology applications for e-commerce are attracting attention from both academia and industry. It has made what was not possible before for the business community and consumers. But it did not come all alone but has brought some challenges, and cyber security challenge is one of them. Cyber security concerns have many forms, but this study focuses on social engineering, denial of services, malware, and attacks on personal data. Firms worldwide spend a lot on addressing cybersecurity issues, which grow each year. However, it seems complicated to overcome the challenge because the attackers continuously search for new vulnerabilities in humans, organizations, and technology. This paper is based on the conceptual analysis of social engineering, denial of services, malware, and attacks on personal data. We argue that implementing modern technology for e-commerce and cybersecurity issues is a never-ending game of cat and mouse. To reduce risks, reliable technology is needed, training of employees and consumer is necessary for using the technology, and a strong policy and regulation is needed at the firm and governmental level.

The Role of User Behaviour in Improving Cyber Security Management

Information security has for long time been a field of study in computer science, software engineering, and information communications technology. The term 'information security' has recently been replaced with the more generic term cybersecurity. The goal of this paper is to show that, in addition to computer science studies, behavioural sciences focused on user behaviour can provide key techniques to help increase cyber security and mitigate the impact of attackers' social engineering and cognitive hacking methods (i.e., spreading false information). Accordingly, in this paper, we identify current research on psychological traits and individual differences among computer system users that explain vulnerabilities to cyber security attacks and crimes. Our review shows that computer system users possess different cognitive capabilities which determine their ability to counter information security threats. We identify gaps in the existing research and provide possible psychological methods to help computer system users comply with security policies and thus increase network and information security.

A Multivocal Literature Review on Growing Social Engineering Based Cyber-Attacks/Threats During the COVID-19 Pandemic: Challenges and Prospective Solutions

The novel coronavirus (COVID-19) pandemic has caused a considerable and long-lasting social and economic impact on the world. Along with other potential challenges across different domains, it has brought numerous cybersecurity challenges that must be tackled timely to protect victims and critical infrastructure. Social engineering-based cyber-attacks/threats are one of the major methods for creating turmoil, especially by targeting critical infrastructure, such as hospitals and healthcare services. Social engineering-based cyber-attacks are based on the use of psychological and systematic techniques to manipulate the target. The objective of this research study is to explore the state-of-the-art and state-of-the-practice social engineering-based techniques, attack methods, and platforms used for conducting such cybersecurity attacks and threats. We undertake a systematically directed Multivocal Literature Review (MLR) related to the recent upsurge in social engineering-based cyber-attacks/threats since the emergence of the COVID-19 pandemic. A total of 52 primary studies were selected from both formal and grey literature based on the established quality assessment criteria. As an outcome of this research study; we discovered that the major social engineering-based techniques used during the COVID-19 pandemic are phishing, scamming, spamming, smishing, and vishing, in combination with the most used socio-technical method: fake emails, websites, and mobile apps used as weapon platforms for conducting successful cyber-attacks. Three types of malicious software were frequently used for system and resource exploitation are; ransomware, trojans, and bots. We also emphasized the economic impact of cyber-attacks performed on different organizations and critical infrastructure in which hospitals and healthcare were on the top targeted infrastructures during the COVID-19 pandemic. Lastly, we identified the open challenges, general recommendations, and prospective solutions for future work from the researcher and practitioner communities by using the latest technology, such as artificial intelligence, blockchain, and big data analytics.

Understanding Phishing Email Processing and Perceived Trustworthiness Through Eye Tracking

Social engineering attacks in the form of phishing emails represent one of the biggest risks to cybersecurity. There is a lack of research on how the common elements of phishing emails, such as the presence of misspellings and the use of urgency and threatening language, influences how the email is processed and judged by individuals. Eye tracking technology may provide insight into this. In this exploratory study a sample of 22 participants viewed a series of emails with or without indicators associated with phishing emails, whilst their eye movements were recorded using a SMI RED 500 eye-tracker. Participants were also asked to give a numerical rating of how trustworthy they deemed each email to be. Overall, it was found that participants looked more frequently at the indicators associated with phishing than would be expected by chance but spent less overall time viewing these elements than would be expected by chance. The emails that included indicators associated with phishing were rated as less trustworthy on average, with the presence of misspellings or threatening language being associated with the lowest trustworthiness ratings. In addition, it was noted that phishing indicators relating to threatening language or urgency were viewed before misspellings. However, there was no significant interaction between the trustworthiness ratings of the emails and the amount of scanning time for phishing indicators within the emails. These results suggest that there is a complex relationship between the presence of indicators associated with phishing within an email and how trustworthy that email is judged to be. This study also demonstrates that eye tracking technology is a feasible method with which to identify and record how phishing emails are processed visually by individuals, which may contribute toward the design of future mitigation approaches.

Managing the three-rivers headwater region, china: from ecological engineering to social engineering

The three-rivers headwater region (THRHR) of Qinghai province, China plays a key role as source of fresh water and ecosystem services for central and eastern China. Global warming and human activities in the THRHR have threatened the ecosystem since the 1980s. Therefore, the Chinese government has included managing of the THRHR in the national strategy since 2003. The State Integrated Test and Demonstration Region of the THRHR highlights the connection with social engineering (focus on improving people's livelihood and well-being) in managing nature reserves. Based on this program, this perspective attempts a holistic analysis of the strategic role of the THRHR, requirements for change, indices of change, and approaches to change. Long-term success of managing nature reserves requires effective combination of ecological conservation, economic development, and social progress. Thus, the philosophy of social engineering should be employed as a strategy to manage the THRHR.