IDEAS home Printed from https://ideas.repec.org/a/eee/teinso/v32y2010i3p183-196.html
   My bibliography  Save this article

An overview of social engineering malware: Trends, tactics, and implications

Author

Listed:
  • Abraham, Sherly
  • Chengalur-Smith, InduShobha

Abstract

Social engineering continues to be an increasing attack vector for the propagation of malicious programs. For this article, we collected data on malware incidents and highlighted the prevalence and longevity of social engineering malware. We developed a framework that shows the steps social engineering malware executes to be successful. To explain its pervasiveness and persistence, we discuss some common avenues through which such attacks occur. The attack vector is a combination of psychological and technical ploys, which includes luring a computer user to execute the malware, and combating any existing technical countermeasures. We describe some of the prevalent psychological ploys and technical countermeasures used by social engineering malware. We show how the techniques used by purveyors of such malware have evolved to circumvent existing countermeasures. The implications of our analyses lead us to emphasize (1) the importance for organizations to plan a comprehensive information security program, and (2) the shared social responsibility required to combat social engineering malware.

Suggested Citation

  • Abraham, Sherly & Chengalur-Smith, InduShobha, 2010. "An overview of social engineering malware: Trends, tactics, and implications," Technology in Society, Elsevier, vol. 32(3), pages 183-196.
  • Handle: RePEc:eee:teinso:v:32:y:2010:i:3:p:183-196
    DOI: 10.1016/j.techsoc.2010.07.001
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0160791X10000497
    Download Restriction: Full text for ScienceDirect subscribers only

    File URL: https://libkey.io/10.1016/j.techsoc.2010.07.001?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Nguyen, Phan Dinh & Tran, Lobel Trong Thuy & Baker, John, 2021. "Driving university brand value through social media," Technology in Society, Elsevier, vol. 65(C).
    2. Naci Akdemir & Serkan Yenal, 2021. "How Phishers Exploit the Coronavirus Pandemic: A Content Analysis of COVID-19 Themed Phishing Emails," SAGE Open, , vol. 11(3), pages 21582440211, July.
    3. T. V. Tulupieva, 2022. "Psychological Aspects of the Organization’s Information Security in the Context of Socio-engineering Attacks," Administrative Consulting, Russian Presidential Academy of National Economy and Public Administration. North-West Institute of Management., issue 2.
    4. Hayes, Darren R. & Cappa, Francesco, 2018. "Open-source intelligence for risk assessment," Business Horizons, Elsevier, vol. 61(5), pages 689-697.
    5. Straub, Jeremy, 2021. "Defining, evaluating, preparing for and responding to a cyber Pearl Harbor," Technology in Society, Elsevier, vol. 65(C).
    6. Rickard, Amelia & Wagner, Jeffrey & Schull, Jonathan, 2017. "Observations on the technology and economics of digital emissions," Technology in Society, Elsevier, vol. 48(C), pages 28-32.
    7. Asad Hussain & Sunila Fatima Ahmad & Mishal Tanveer & Ansa Sameen Iqbal, 2022. "Computer Malware Classification, Factors, and Detection Techniques: A Systematic Literature Review (SLR)," International Journal of Innovations in Science & Technology, 50sea, vol. 4(3), pages 899-918, August.
    8. Le, Tran Duc & Le-Dinh, Thang & Uwizeyemungu, Sylvestre, 2024. "Search engine optimization poisoning: A cybersecurity threat analysis and mitigation strategies for small and medium-sized enterprises," Technology in Society, Elsevier, vol. 76(C).
    9. Hussain Aldawood & Geoffrey Skinner, 2019. "Reviewing Cyber Security Social Engineering Training and Awareness Programs—Pitfalls and Ongoing Issues," Future Internet, MDPI, vol. 11(3), pages 1-16, March.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:teinso:v:32:y:2010:i:3:p:183-196. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/technology-in-society .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.