A Typology Of Social Engineering Attacks – An Information Science Perspective

Hackers are increasingly exploiting the social movement on the Internet, which is responsible for domestication of the web and its associated technologies, by using novel methods of online social engineering. However, there is not enough support in the form of published research that can help us gain a holistic understanding of human vulnerabilities that are central to online social engineering attacks. This paper extends prior published classifications and presents a new typology of online social engineering methods that manifest during the various information seeking contexts that users engage while online. Concepts borrowed from the field of information science hel p us to build this typology that groups attack vectors with different human information seeking modes. The typology can be readily used as educational material to improve end user awareness about online social engineering. In addition, the typology can be used as a conceptual starting point for future empirical research on human vulnerabilities in different information seeking contexts which in turn can informsystems designers to design more effective solutions that can help mitigate the effects of such attacks

Effects Of Information Seeking Modes On Users’ Online Social Engineering Vulnerabilities

Hackers are increasingly exploiting the social movement on the Internet, which is responsible for domestication of the web and its associated technologies, by using novel methods of online social engineering (OSE) . While most research to date in this field has focused on one type of OSE vector-phishing, there is a need to understand user vulnerabilities to other types of OSE attack vectors. This research in progress proposal first extends prior published classifications and presents a new typology of OSE attack vectors that manifest during the various information seeking contexts that users engage while online. This provides a conceptual starting point to build our empirical model that we propose will be useful in testing variance in human vulnerability to the different OSE attack vectors. The results of this research should be of interest to academic researchers, practitioners, consumer protection agencies and government regulatory authorities

Cybercrime and Cyber-security Issues Associated with China: Some Economic and Institutional Considerations

China is linked to cybercrimes of diverse types, scales, motivations and objectives. The Chinese cyberspace thus provides an interesting setting for the study of cybercrimes. In this paper, we first develop typology, classification and characterization of cybercrimes associated with China, which would help us understand modus operandi, structures, profiles and personal characteristics of cybercrime organizations and potential perpetrators, the signature aspects and goals of cybercrimes, the nature and backgrounds of the criminal groups involved, characteristics of potential targets for criminal activities, the nature and extent of the damage inflicted on the victims and the implications to and responses elicited from various actors. We then examine this issue from developmental and international political economy angles. Specifically, we delineate salient features of China’s politics, culture, human capital and technological issues from the standpoint of cyber-security and analyze emerging international relations and international trade issues associated with this phenomenon. Our analysis indicates that China’s global ambition, the shift in the base of regime legitimacy from MarxLeninism to economic growth, the strong state and weak civil society explain the distinctive pattern of the country’s cyber-attack and cyber-security landscapes

Crime scripting: A systematic review

The file attached to this record is the author's final peer reviewed version.More than two decades after the publication of Cornish’s seminal work about the script-theoretic approach to crime analysis, this article examines how the concept has been applied in our community. The study provides evidence confirming that the approach is increasingly popular; and takes stock of crime scripting practices through a systematic review of over one hundred scripts published between 1994 and 2018. The results offer the first comprehensive picture of this approach, and highlights new directions for those interested in using data from cyber-systems and the Internet of Things to develop effective situational crime prevention measures

A TYPOLOGY OF TECHNOLOGICAL ENABLERS OF WEBSITE SERVICE FAILURE PREVENTION

An increasing range of services are now offered via online applications and e-commerce websites. However, problems with online services still occur at times, even for the best service providers due to the technical failures, informational failures, or lack of required website functionalities. Also, the widespread and increasing implementation of web services means that service failures are both more likely to occur, and more likely to have serious consequences. In this paper we first develop a digital service value chain framework based on existing service delivery models adapted for digital services. We then review current literature on service failure prevention, and provide a typology of technolo- gies and approaches that can be used to prevent failures of different types (functional, informational, system), that can occur at different stages in the web service delivery. This makes a contribution to theory by relating specific technologies and technological approaches to the point in the value chain framework where they will have the maximum impact. Our typology can also be used to guide the planning, justification and design of robust, reliable web services

How can SMEs benefit from big data? Challenges and a path forward

Big data is big news, and large companies in all sectors are making significant advances in their customer relations, product selection and development and consequent profitability through using this valuable commodity. Small and medium enterprises (SMEs) have proved themselves to be slow adopters of the new technology of big data analytics and are in danger of being left behind. In Europe, SMEs are a vital part of the economy, and the challenges they encounter need to be addressed as a matter of urgency. This paper identifies barriers to SME uptake of big data analytics and recognises their complex challenge to all stakeholders, including national and international policy makers, IT, business management and data science communities. The paper proposes a big data maturity model for SMEs as a first step towards an SME roadmap to data analytics. It considers the ‘state-of-the-art’ of IT with respect to usability and usefulness for SMEs and discusses how SMEs can overcome the barriers preventing them from adopting existing solutions. The paper then considers management perspectives and the role of maturity models in enhancing and structuring the adoption of data analytics in an organisation. The history of total quality management is reviewed to inform the core aspects of implanting a new paradigm. The paper concludes with recommendations to help SMEs develop their big data capability and enable them to continue as the engines of European industrial and business success. Copyright © 2016 John Wiley & Sons, Ltd.Peer ReviewedPostprint (author's final draft

Effect of Frame of Mind on Users’ Deception Detection Attitudes and Behaviours

As the World Wide Web grows, the number and variety of deceptive attacks targeting online consumers likewise increases. Extant research has examined online deception from an information processing perspective, that is, how users process information when they encounter deceptive attacks. However, users’ ability to process information is based on what the users are thinking or their frame of mind while engaged with that information. Frame of mind has not been well studied in the security domain. This study proposes the effect of users’ frame of mind on their attitude towards online deception and their actual deception detection behaviour. Specifically, we propose that human information needs and the framing (positive or negative) of important information such as warnings are significant components of users’ frames of mind that impact their vulnerability to online attacks. We conclude the paper by discussing in detail the experimental setup and expected contributions from the analysis