Abstract

There is a problem in business: a lack of awareness of social engineering, a type of non-technical hacking which is used to manipulate individuals into divulging confidential information or performing actions that compromise personal or organizational security. This problem affects employees by reducing their respective productivity. It also affects entire organizations because detecting and recovering from social engineering attacks is time-consuming and expensive. The purpose of this qualitative case study is to examine the potential lack of awareness of social engineering at organizations in southeast Michigan. The theoretical framework supporting this study is Buller and Burgoon's Interpersonal Deception Theory (IDT), which states in part that deception is an interactive process. The interaction between a social engineer and his/her target can be understood using IDT. Data will be gathered through face-to-face interviews with college faculty members in business and CIS/IT as well as businesspeople in southeast Michigan.

Share

COinS