CS406: Information Security

Social engineering attacks are rapidly increasing in today’s networks and are weakening the cyber security chain. They aim at manipulating individuals and enterprises to divulge valuable and sensitive data in the interest of cyber criminals. Social engineering is challenging the security of all networks regardless of the robustness of their firewalls, cryptography methods, intrusion detection systems, and anti-virus software systems. Humans are more likely to trust other humans compared to computers or technologies. Therefore, they are the weakest link in the security chain. Malicious activities accomplished through human interactions influence a person psychologically to divulge confidential information or to break the security procedures. Due to these human interactions, social engineering attacks are the most powerful attacks because they threaten all systems and networks. They cannot be prevented using software or hardware solutions as long as people are not trained to prevent these attacks. Cyber criminals choose these attacks when there is no way to hack a system with no technical vulnerabilities.

According to the U.S. Department of Justice, social engineering attacks are one of the most dangerous threats over the world. In 2016, the cyber security analyst company Cyence stated that the United States was the country targeted by the most social engineering attacks and had the highest attacking cost followed by Germany and Japan. The estimated cost of these attacks in the US was $121.22 billion. In particular, U.S. companies are highly targeted and impacted by cyber criminals and hackers from everywhere in the world. These companies handle international significant valuable data and when these companies are hacked, it highly impacts the worldwide economy and privacy. For instance, Equifax company was hacked for several months and sensitive costumers ‘data were stolen in 2018. This company is a consumer credit reporting and monitoring agency that aggregates data of individuals and business consumers to monitor their credit history and prevent frauds. As a result of this data theft, attackers accessed personal information of 145.5 million American consumers. This data included consumers’ full names, birth dates, social security numbers (SSN), driver license numbers, addresses, telephone numbers, credit cards information, and credit scores. This breach was the result of phishing attacks conducted by sending thousands of emails pretending to be from financial institutions or big banks such as Bank of America [5]. Equifax users are still worrying about this breach lunched by cyber attackers. A more recent cyber security attack was reported by Central Bank where an attacker stole over $80 million using a remote access trojans (RAT) installed on the bank’s computers.

In addition, U.S. Federal Bureau of Investigation (FBI) reported an increase of CEO fraud and email scams where attackers send emails to some employees pretending to be their boss and asking them to transfer funds. These companies lost more than $2.3 billion. Moreover, recent studies and surveys reported that 84% of cyber-attacks are conducted by social engineers with high success rate. Thus, these statistics and others show that social engineering attacks can cost more than a natural disaster, which confirms how important it is to detect and mitigate these cyber attacks.

In this paper, we present an in-depth survey about social engineering attacks, existing detection methods, and countermeasure techniques. The rest of this paper is organized as follows. Section 2 classifies and describes social engineering attacks. Section 3 and Section 4 provide an overview of existing detection, prevention, and mitigation techniques. These techniques are then discussed and compared in Section 5. Section 6 represents challenges and future directions. Finally, a conclusion is given at the end.