Social Engineering Attacks and Countermeasures in the New Zealand Banking System: Advancing a User-Reflective Mitigation Model

Social engineering attacks are possibly one of the most dangerous forms of security and privacy attacks since they are technically oriented to psychological manipulation and have been growing in frequency with no end in sight. This research study assessed the major aspects and underlying concepts of social engineering attacks and their influence in the New Zealand banking sector. The study further identified attack stages and provided a user-reflective model for the mitigation of attacks at every stage of the social engineering attack cycle. The outcome of this research was a model that provides users with a process of having a reflective stance while engaging in online activities. Our model is proposed to aid users and, of course, financial institutions to re-think their anti-social engineering strategies while constantly maintaining a self-reflective assessment of whether they are being subjected to social engineering attacks while transacting online.

[1]  Edgar R. Weippl,et al.  Advanced social engineering attacks , 2015, J. Inf. Secur. Appl..

[2]  Hardik K. Molia,et al.  Protection of Computer Networks from the Social Engineering Attacks , 2015 .

[3]  E. Abu-Shanab Security and Fraud Issues of E-banking , 2015 .

[4]  Bhavesh Pandya,et al.  Android Based Total Security for System Authentication , 2015 .

[5]  Lech J. Janczewski,et al.  Social engineering-based attacks: Model and new zealand perspective , 2010, Proceedings of the International Multiconference on Computer Science and Information Technology.

[6]  Christopher Hadnagy,et al.  Social Engineering: The Art of Human Hacking , 2010 .

[7]  Robert Neild,et al.  At the Treasury , 1991 .

[8]  Fadi A. Thabtah,et al.  Experimental Case Studies for Investigating E-Banking Phishing Techniques and Attack Strategies , 2010, Cognitive Computation.

[9]  M. Workman Wisecrackers: A theory-grounded investigation of phishing and pretext social engineering threats to information security , 2008 .

[10]  Katrin Baumgartner The Art Of Deception Controlling The Human Element Of Security , 2016 .

[11]  P. L. Ramteke,et al.  Detection of Websites Based on PhishingWebsites Characteristics , 2015 .

[12]  Marinela Vrancianu,et al.  Considerations Regarding the Security and Protection of E-Banking Services Consumers’ Interests , 2010 .

[13]  Junhua Du An empirical analysis of internet banking adoption in New Zealand , 2011 .

[14]  Sawtantar Singh Khurmi,et al.  Vulnerabilities in e-banking: A study of various security aspects in e-banking , 2012 .