Розмір шрифта:
SOCIAL ENGINEERING AS A TOOL OF CYBERATTACKS
Остання редакція: 2026-05-22
Анотація
This paper examines social engineering as one of the most effective tools used in modern cyberattacks. The study analyzes how attackers exploit human psychology, trust, fear, urgency, curiosity, and lack of awareness to gain unauthorized access to information systems. Special attention is given to phishing, vishing, smishing, social media attacks, and business email compromise. The paper emphasizes that even advanced technical security tools may become ineffective if users do not have a sufficient level of cybersecurity awareness. In addition, the study considers key countermeasures against social engineering, including employee training, multi-factor authentication, request verification policies, phishing simulations, and the development of a strong cybersecurity culture within organizations.
Ключові слова
social engineering, cybersecurity, phishing, cyberattacks, human factor, information security, cyber awareness
Посилання
1. Hadnagy, C. (2018). Social Engineering: The Science of Human Hacking. Wiley.
2. Mitnick, K. D., & Simon, W. L. (2002). The Art of Deception: Controlling the Human Element of Security. Wiley.
3. CISA. Avoiding Social Engineering and Phishing Attacks. URL: https://www.cisa.gov/news-events/news/avoiding-social-engineering-and-phishing-attacks - date of application 11.05.2026.
4. ENISA. Threat Landscape 2024. URL: https://www.enisa.europa.eu/publications/enisa-threat-landscape-2024 - date of application 11.05.2026.
5. Verizon. Data Breach Investigations Report 2024. URL: https://www.verizon.com/business/resources/reports/dbir/ - date of application 11.05.2026.
6. Nykyporets, S. S., Kot, S. O., Boiko, Y. V., Melnyk, M. B., & Chopliak, V. V. (2024). Advanced integration of virtual information environments (VIEs) in contemporary educational methodologies. Society and National Interests. Series “Education/Pedagogy”, 4(4), 139-154. https://doi.org/10.52058/3041-1572-2024-4(4)-139-154.
7. Sachaniuk-Kavets’ka, N. V., & Nykyporets, S. S. (2026). LLM-based automation for translating mathematical formulae and symbols: Challenges and perspectives for technical communication. Scientific Innovations and Advanced Technologies. Series "Education/Pedagogy", 3(55), 660-677. https://doi.org/10.52058/2786-5274-2026-3(55)-660-677.
2. Mitnick, K. D., & Simon, W. L. (2002). The Art of Deception: Controlling the Human Element of Security. Wiley.
3. CISA. Avoiding Social Engineering and Phishing Attacks. URL: https://www.cisa.gov/news-events/news/avoiding-social-engineering-and-phishing-attacks - date of application 11.05.2026.
4. ENISA. Threat Landscape 2024. URL: https://www.enisa.europa.eu/publications/enisa-threat-landscape-2024 - date of application 11.05.2026.
5. Verizon. Data Breach Investigations Report 2024. URL: https://www.verizon.com/business/resources/reports/dbir/ - date of application 11.05.2026.
6. Nykyporets, S. S., Kot, S. O., Boiko, Y. V., Melnyk, M. B., & Chopliak, V. V. (2024). Advanced integration of virtual information environments (VIEs) in contemporary educational methodologies. Society and National Interests. Series “Education/Pedagogy”, 4(4), 139-154. https://doi.org/10.52058/3041-1572-2024-4(4)-139-154.
7. Sachaniuk-Kavets’ka, N. V., & Nykyporets, S. S. (2026). LLM-based automation for translating mathematical formulae and symbols: Challenges and perspectives for technical communication. Scientific Innovations and Advanced Technologies. Series "Education/Pedagogy", 3(55), 660-677. https://doi.org/10.52058/2786-5274-2026-3(55)-660-677.
Повний текст:
PDF