Analysis of Vulnerabilities Associated with Social Engineering Attacks Based on User Behavior

Eduardo Benavides-Astudillo, Luis Silva-Ordoñez, Ronny Rocohano-Rámos, Walter Fuertes, Félix Fernández-Peña, Sandra Sanchez-Gordon, Rodrigo Bastidas-Chalan

Resultado de la investigación: Capítulo del libro/informe/acta de congresoContribución de conferenciarevisión exhaustiva


One of the most effective attacks on cybersecurity is Social Engineering, in which the attacker deceives an end-user to steal its credentials and perpetrate cyber-crimes. There are hardware and software countermeasures to deal with these types of attacks. However, people themselves are the most vulnerable link in this security chain. In addition, there are influencing factors in people’s behavior, which make them more vulnerable. This study aims to determine the most common characteristics that make users vulnerable, either individually or in groups. For this, we conduct an exploratory and descriptive study on administrative, lecturers, and students of a higher education institution on four scales that consider the following behaviors: risk behavior, conservative behavior, exposure to offense, and perception of risk. The results obtained show that users with risky behavior are the most exposed to a Social Engineering attack. We also concluded that the analyzed groups of lecturers and administrators are less likely to be victims of these attacks than students. Finally, we inferred that people who spend more time in front of a computer and are more permissive of risky behaviors are more vulnerable to these attacks.

Idioma originalInglés
Título de la publicación alojadaApplied Technologies - 3rd International Conference, ICAT 2021, Proceedings
EditoresMiguel Botto-Tobar, Sergio Montes León, Pablo Torres-Carrión, Marcelo Zambrano Vizuete, Benjamin Durakovic
EditorialSpringer Science and Business Media Deutschland GmbH
Número de páginas14
ISBN (versión impresa)9783031038839
EstadoPublicada - 2022
Publicado de forma externa
Evento3rd International Conference on Applied Technologies, ICAT 2021 - Quito, Ecuador
Duración: 27 oct. 202129 oct. 2021

Serie de la publicación

NombreCommunications in Computer and Information Science
Volumen1535 CCIS
ISSN (versión impresa)1865-0929
ISSN (versión digital)1865-0937


Conferencia3rd International Conference on Applied Technologies, ICAT 2021

Nota bibliográfica

Publisher Copyright:
© 2022, Springer Nature Switzerland AG.


Profundice en los temas de investigación de 'Analysis of Vulnerabilities Associated with Social Engineering Attacks Based on User Behavior'. En conjunto forman una huella única.

Citar esto