An expert assessment of corporate professional users to measure business email compromise detection skills and develop a knowledge and awareness training program

Shahar Aviv, Yair Levy, Ling Wang, Nitza Geri

نتاج البحث: فصل من :كتاب / تقرير / مؤتمرمنشور من مؤتمرمراجعة النظراء

ملخص

Cybercrime against organizations is a daily threat and targeting companies of all sizes. Cyberattacks are continually evolving and becoming more complex. Cybercriminals utilize email attacks as their most used method to compromise corporations for financial gain. Email attacks have evolved into sophisticated scams which target businesses that conduct wire transfers as part of their business operations. The FBI has announced a new evolution of email attacks called Business Email Compromise (BEC) scams which utilize social engineering, phishing, and email hacking to manipulate employees into conducting fraudulent wire transfers. The goal of this study was to use cybersecurity experts to validate the BEC detection measurement criteria for user skills and an awareness training program amongst corporate professionals. BEC attacks have attributed to over $26 billion in financial losses across the globe and are continually increasing. A Delphi methodology was utilized to attain feedback from 30 cybersecurity experts to develop and validate the BEC detection measure and awareness training. Results show that there are four contributing attributes to BEC detection: email authenticity detection skills, malicious mobile application detection skills, ability to detect mobile malware indicators, and the ability to detect phishing emails. The research study concludes with discussions and future research recommendations.
اللغة الأصليةإنجليزيّة أمريكيّة
عنوان منشور المضيفWISP 2019 Proceedings
العنوان الفرعي لمنشور المضيفPre-ICIS Workshop on Information Security and Privacy (SIGSEC)
ناشرAssociation for Information Systems
عدد الصفحات16
حالة النشرنُشِر - 2019

بصمة

أدرس بدقة موضوعات البحث “An expert assessment of corporate professional users to measure business email compromise detection skills and develop a knowledge and awareness training program'. فهما يشكلان معًا بصمة فريدة.

قم بذكر هذا