A Comprehensive Study of Social Engineering Attacks: Understanding its Susceptibility and Awareness in Pakistan

Abstract

Digital technology has advanced rapidly over a couple of decades and people globally have now easy access to the internet and digital devices for communication. Private and personal information is now significantly higher and stored more on these devices. People in developing countries are at higher risk of being the target of cyber-attacks according to the Cyber Security Exposure Index 2020. The social engineering attack has increased because many people, especially in developing countries lack awareness on how to protect themselves from it. These attacks can trick them to provide all sorts of sensitive information like passwords, credit card numbers, and private health information. This paper aims to summarize the concept of social engineering attacks, specifically phishing attacks in detail. Literature in this domain presents the contribution of scholars from the past few years till the present and its analysis from successful journals and articles. It will also discuss how much people are aware of these problems with the help of the survey-based questionnaires collected from people. The results collected from the participants will be explained in light, of whether they have enough knowledge and security awareness from these attacks. The findings from the participants also conclude that security knowledge and awareness of social engineering will be positively associated with security-protective practices. This study also suggests that female might not be as susceptible to social engineering attacks more than male individuals according to previous studies. The paper also explains some of the prevention measures and strategies against these types of attacks with a summary of findings and a conclusion in the last section.