Social against social engineering: Concept and development of a Facebook application to raise security and risk awareness
Abstract
Purpose
This study attempts to develop an efficient concept to mitigate the risks of social engineering in the era of social networks. For instance friend requests on Facebook are often accepted blindly, thus granting unknown people access to profile details. These problems fuel requirements for an application, developed in this study, that raises awareness of security issues in Facebook.
Design/methodology/approach
The “Theory of Planned Behaviour” (TPB), a model from psychology to predict behaviour, is used as a theoretical foundation for the application. Attitudes, perceived behavioural control and social norms are the main variables of this model. Social norms can be massively affected by the Facebook friends and therefore an application is developed which uses this in order to raise awareness.
Findings
The application propagated itself virally. Out of 117 users of the application, 15 took action to change the public‐search option visibility from public to private. The use of the application took on average 10.5 minutes.
Originality/value
Applications that scan a Facebook profile for fishy content already exist. However, at the time of writing this paper, no application specifically written against social engineering was known to the author.
Keywords
Citation
Gulenko, I. (2013), "Social against social engineering: Concept and development of a Facebook application to raise security and risk awareness", Information Management & Computer Security, Vol. 21 No. 2, pp. 91-101. https://doi.org/10.1108/IMCS-09-2012-0053
Publisher
:Emerald Group Publishing Limited
Copyright © 2013, Emerald Group Publishing Limited