Social engineering in the context of Cialdini's psychology of persuasion and personality traits

This thesis shows that social engineering mainly relies on peripheral route persuasion and that consequently, Cialdini's principles of influence can be used to explain how social engineering attacks work. It is further shown by a comprehensive literature review that individual values of personality traits relate to social engineering susceptibility. Based on these arguments, a framework is proposed, which can help to guide future research. Suggestions to plausible relations between the personality traits of the Big 5 Theory and the principles of influence are made. These relations need to be evaluated by future research. Lastly, an integrated approach to prevention against social engineering attacks is proposed, which combines penetration tests using social engineering, security awareness trainings, and the development of a security-aware organizational culture. The methodology used in conducting this investigation is a theoretical, positive research approach. Extensive literature reviews have been conducted on social engineering, psychology of persuasion and the influence of personality traits on the success of social engineering attacks. Based on an analysis and discussion of these reviews, proposals for a new framework and a prevention approach have been developed.

Subjects

IT-Sicherheit

Social Engineering

Persönlichkeit

Einfluss

Prävention

social engineering

psychology of persuasion

Cialdini

personality traits, IT security

prevention

Lizenz

https://creativecommons.org/licenses/by-sa/2.0/de/

Name

Social_Engineering_in_the_Context_of_Cialdinis_Psychology_of_Persuasion_and_Personality_Traits.pdf

Size

1.65 MB

Format

Adobe PDF

Options

Social engineering in the context of Cialdini's psychology of persuasion and personality traits