• Corpus ID: 31269537

Towards a development of a Social Engineering eXposure Index (SEXI) using publicly available personal information

@inproceedings{Wilkerson2017TowardsAD,
  title={Towards a development of a Social Engineering eXposure Index (SEXI) using publicly available personal information},
  author={W. Shawn Wilkerson and Yair Levy and J. Richard Kiper and Martha Snyder},
  year={2017}
}
Millions of people willingly expose their lives via Internet technologies every day, and even those who stay off the Internet find themselves exposed through data breaches. Trillions of private information records flow through the Internet. Marketers gather personal preferences to coerce shopping behavior, while providers gather personal information to provide enhanced services. Few users have considered where their information is going or who has access to it. Even fewer are aware of how… 
1 Citations
An Examination of User Detection of Business Email Compromise Amongst Corporate Professionals
iv Acknowledgements vi List of Tables ix List of Figures x

References

SHOWING 1-10 OF 29 REFERENCES
Dissecting social engineering
TLDR
This article has sought to elaborate the concept of SE through analysis of the functions of different techniques and was able to extrapolate three dimensions of SE: persuasion, fabrication, and data gathering, which can be grasped in all its aspects instead of through individual techniques.
On the leakage of personally identifiable information via online social networks
TLDR
This research shows that it is possible for third-parties to link PII, which is leaked via OSNs, with user actions both within OSN sites and else-where on non-OSN sites.
Privacy in the Digital Age: A Review of Information Privacy Research in Information Systems
TLDR
A critical analysis of the literature reveals that information privacy is a multilevel concept, but rarely studied as such, and calls for research on information privacy to use a broader diversity of sampling populations and to publish more design and action research in journal articles that can result in IT artifacts for protection or control of information privacy.
Social Engineering: The Neglected Human Factor for Information Security Management
TLDR
Various social engineering attacks and their leading human factors are unveiled, and several ways to defend against social engineering are discussed: education, training, procedure, and policy.
Addressing the Personalization-Privacy Paradox: An Empirical Assessment from a Field Experiment on Smartphone Users
TLDR
Overall the proposed IT solution, which delivers a personalized service but avoids transmitting users' personal information to third parties, reduces users' perceptions that their information boundaries are being intruded upon, thus mitigating the personalization--privacy paradox and increasing both process and content gratification.
Internet Privacy Concerns: An Integrated Conceptualization and Four Empirical Studies
TLDR
The empirical results confirm that, in general, the third-order conceptualizations of IPC outperform their lower-order alternatives and are a significant determinant of both trusting beliefs and risk beliefs.
The Art of Deception: Controlling the Human Element of Security
TLDR
Kevin Mitnick redeems his former life of crime by providing specific guidelines for developing protocols, training programs, and manuals to ensure that a company's sophisticated technical security investment will not be for naught.
Privacy and human behavior in the age of information
TLDR
This Review summarizes and draws connections between diverse streams of empirical research on privacy behavior: people’s uncertainty about the consequences of privacy-related behaviors and their own preferences over those consequences; the context-dependence of people's concern about privacy; and the degree to which privacy concerns are malleable—manipulable by commercial and governmental interests.
...
...