Evidence of personality traits on phishing attack menace among selected university undergraduates in Nigerian

Access ease, mobility, portability, and improved speed have continued to ease the adoption of computing devices; while, consequently proliferating phishing attacks. These, in turn, have created mixed feelings in increased adoption and nosedived users’ trust level of devices. The study recruited 480-students, who were exposed to socially-engineered attack directives. Attacks were designed toretrieve personal dataand entice participants to access compromised links. Wesought to determine the risks of cybercrimes among the undergraduates in selected Nigerian universities, observe students’ responses and explore their attitudes before/after each attack. Participants were primed to remain vigilant to all forms of scams as WE sought to investigate attacks’ influence on gender, students’ status, and age to perceived safety on susceptibility to phishing. Results show that contrary to public beliefs, age, status, and gender were not among the factors associated with scam susceptibility and vulnerability rates of the participants. However, the study reports decreased user trust levels in the adoption of these new, mobile computing devices

Understanding Internet Self-Efficacy in a Post-Adoption World: A Meta-Analysis

This study presents a conceptual and empirical review of Internet self-efficacy (ISE). It starts by conceptually reviewing ISE, its definitions, and dimensions. Second, it empirically meta-analyzes 213 studies, and aggregates results across 215 independent samples. The results suggest that ISE plays a key role in the adoption and use of Internet tools, how individuals utilize eCommerce, and how we train individuals. In addition, the results suggest that the type of system utilized and the culture in which the study takes place may affect the strength of the relationship between ISE and variables of interest to the researcher. The consistency of the findings also suggest that it is time for the field to move beyond studies that focus on adoption and use of the Internet and to tackle the more complex questions of how ISE may contribute to or mitigate issues such as political engagement, cyberbullying, and misinformation

E-learning satisfaction: investigating gender differences

The purpose of this study is to evaluate the impact of learner-content interaction, learner-learner interaction, learner-instructor interaction, self-regulated learning, and Internet self-efficacy is present on e-learning satisfaction. The gender effect is also included in the investigation of the impact. Many studies have been conducted to reveal learners' satisfaction with e-learning, however, limited research has emphasized the gender effect in explaining learner satisfaction. A review of the existing literature was used to develop a conceptual model which was further tested using data collected from undergraduate students. The data collection used a self-administered questionnaire and 742 valid responses were acquired. Partial least square-structural equation modeling was used to analyze the model while multigroup analysis was used to assess the gender differences for the predictors. The results showed that learner-instructor interaction, learner-learner interaction, self-regulated learning, and Internet self-efficacy were predictors for learning satisfaction based on the overall sample. The university may use these factors as a reference to achieve learning satisfaction among students. Gender was found significantly different in the relationship between Internet self-efficacy and satisfaction. The finding suggests that the university administrators need to undertake strategic change to assist female learners in overcoming the barrier of Internet self-efficacy skills

Assessing the Presence of Mindfulness within Cyber and Non-Cybersecurity groups

Corporations and individuals continue to be under Phishing attack. Researchers categorizes methods corporations and individuals can employ to reduce the impact of being caught in a Phishing scheme. Corporation enable technical mechanisms such as automated filtering, URL blacklisting, and manipulation of browser warning messages to reduce phishing susceptibility costing billions of dollars annually. However, even with robust efforts to educate employees about phishing techniques through security awareness training the abundance of attacks continues to plague organizations. This study aims to identify whether a correlation exists between mindfulness and phishing susceptibility. The goal of this research is to determine if mindful individuals are less susceptible to phishing. By showing individuals with increased awareness are significantly able to identify areas that phishing attempts exploit. Based on a review of the literature a misconception exists between end-users, corporation and Internet Service Providers (ISP) regarding ownership of Phishing identification. Specifically, individuals blame ISPs and corporate information technology departments for failing to protect them from Phishing attacks. Still, the truth of the matter is that the end-user is ultimately the weakest link in the phishing identification chain. The methodology of this study polled participants through initial screening focusing on whether the individuals were mindful using the Mindful Attention Awareness Scale (MAAS) survey. Conclusions seen in this study in contrast with other studies saw no significant correlation between Mindfulness and phishing susceptibility, increase in cogitative ability or increase in Phishing identification. Thus, continued use of MAAS survey questionnaire is necessary to screen other groups for phishing awareness prior to focusing on other phishing cues

An Examination of User Detection of Business Email Compromise Amongst Corporate Professionals

With the evolution in technology and increase in utilization of the public Internet, Internet-based mobile applications, and social media, security risks for organizations have greatly increased. While corporations leverage social media as an effective tool for customer advertisements, the abundance of information available via public channels along with the growth in Internet connections to corporate networks including mobile applications, have made cyberattacks attractive for cybercriminals. Cybercrime against organizations is a daily threat and targeting companies of all sizes. Cyberattacks are continually evolving and becoming more complex that make it difficult to protect against with traditional security methods. Cybercriminals utilize email attacks as their most common method to compromise corporations for financial gain. Email attacks on corporations have evolved into very sophisticated scams that specifically target businesses that conduct wire transfers or financial transactions as part of their standard mode of operations. This new evolution of email driven attacks is called Business Email Compromise (BEC) attacks and utilize advanced social engineering, phishing techniques, and email hacking to manipulate employees into conducting fraudulent wire transfers that are intended for actual suppliers and business partners. One of the most common types of BEC attacks is the Chief Executive Officer (CEO) fraud, which are highly customized and targeted attacks aimed to impersonate corporate users that have authority to approve financial transactions and wire transfers in order to influence an employee to unknowingly conduct a fraudulent financial wire transfer. Thus, the main goal of this research study was to assess if there are any significant differences of corporate users’ detection skills of BEC attacks in a simulated test environment based on their personality attributes, using the Myers-Briggs Type Indicator® (MBTI®)’ 16 personalities® framework. BEC attacks have attributed to over $26 billion in corporate financial losses across the globe and are continually increasing. The human aspect in the cybersecurity has been a known challenge and is especially significant in direct interaction with BEC attacks. Furthermore, this research study analyzed corporate users’ attention span levels and demographics to assess if there are any significant differences on corporate users’ BEC attack detection skills. Moreover, this research study analyzed if there are any significant differences for BEC detection skills before and after a BEC awareness training. This research study was conducted by first developing an experiment to measure BEC detection and ensure validity via cybersecurity subject matter experts using the Delphi process. The experiment also collected qualitative and quantitative data for the participants’ performance measures using an application developed for the study. This research was conducted on a group of 45 corporate users in an experimental setting utilizing online surveys and a BEC detection mobile test application. This research validated and developed a BEC detection measure as well as the BEC awareness training module that were utilized in the research experiment. The results of the experiments were analyzed using analysis of variance (ANOVA) and analysis of covariance (ANCOVA) to address the research questions. It was found that there were that no statistically significant mean differences for Business Email Compromise Detection (BECD) skills between personality attributes of corporate professional participants, However, results indicated that there was a significant mean difference for BECD skills and span attention with a p\u3c.0001. Furthermore, there was a significant mean difference for BECD skills and span attention when controlled for gender with a p\u3c0.05. Furthermore, the results indicated that the BEC detection awareness training significantly improved the participant BEC detection skill with a p\u3c.0001. Moreover, following the training, it was found that female BEC detection test scores improved by 45% where the men BECD score improved by 31%. Recommendations for research and industry stakeholders are provided, including to corporations on methods to mitigate BEC attacks

Security practices of smartphone users at UKZN Westville Campus and its effects on the institutional information systems.

Masters Degree. University of KwaZulu-Natal, Durban.Technology has evolved through the years and brought about innovations in telecommunication tools such as smartphones, widely used today for various reasons, like educational purposes. Similar to other mobile devices, smartphones are prone to online attacks, and their usage on a university network may lead to cyber-attacks on a university's information systems. Many universities utilise information systems such as mobile websites and mobile applications like Office Outlook email, Moodle and Turnitin. Therefore, ensuring adequate online security is fundamental to mitigate online threats, but such actions are disregarded by most students who are considered the security administrators of their smartphones. This study used a quantitative research method to assess smartphone users' security practices at the UKZN Westville Campus and its effects on the Institutional Information Systems. The University of KwaZulu-Natal’s information systems includes a mobile website that enables students to access UKZN student central for academic and support services. The university also uses mobile applications such as MyUKZN, Turnitin and Moodle. The study gathered data via paper-based and online questionnaires from the University of KwaZulu-Natal students that own and use smartphones to connect to the internet via the university’s WIFI on campus. The findings of this study revealed that online threats might occur through students disregard for the university's online security guidelines. Some students’ lack of online security knowledge was also discovered, making these individuals’ smartphones possible entry points for online attacks. Regardless of online security skill level, students demonstrated inconsistent security behaviour. The above mentioned inadequate security practices by students can result in the UKZN experiencing a data breach, financial loss, disruption of services, intellectual property theft, and much more damages. The findings further indicated that students that possess good security skills do not readily implement security measures because the process is assumed to be stressful