Search results

This study aims to investigate how phishers apply persuasion principles and construct deceptive URLs in mobile instant messaging (MIM) phishing.

In total, 67 examples of real-world MIM phishing attacks were collected from various online sources. Each example was coded using established guidelines from the literature to identify the persuasion principles, and the URL construction techniques employed.

The principles of social proof, liking and authority were the most widely used in MIM phishing, followed by scarcity and reciprocity. Most phishing examples use three persuasion principles, often a combination of authority, liking and social proof. In contrast to email phishing but similar to vishing, the social proof principle was the most commonly used in MIM phishing. Phishers implement the social proof principle in different ways, most commonly by claiming that other users have already acted (e.g. crafting messages that indicate the sender has already benefited from the scam). In contrast to email, retail and fintech companies are the most commonly targeted in MIM phishing. Furthermore, phishers created deceptive URLs using multiple URL obfuscation techniques, often using spoofed domains, to make the URL complex by adding random characters and using homoglyphs.

The insights from this study provide a theoretical foundation for future research on the psychological aspects of phishing in MIM apps. The study provides recommendations that software developers should consider when developing automated anti-phishing solutions for MIM apps and proposes a set of MIM phishing awareness training tips.

The purpose of this paper is to scrutinise the effectiveness of four derivative exchanges’ enforcement efforts since 2007. These exchanges include the Commodity Exchange Inc. and ICE Futures US from the United States and ICE Futures Europe and the London Metal Exchange from the UK.

The paper examines 799 enforcement notices published by four exchanges through a behavioural science lens: HUMANS conceived by Hunt (2023) in Humanizing Rules: Bringing Behavioural Science to Ethics and Compliance.

The paper finds the effectiveness of the exchanges’ enforcement efforts to be a mixed picture as financial markets transition from the digital to artificial intelligence era. Humans remain a key cog in the wheel of market participants’ trading operations, albeit their roles have changed. Despite this, some elements of exchanges’ enforcement regimes have not kept pace with the move from floor to remote trading. However, in other respects, their efforts are or should be, effective, at least in behavioural terms.

The paper’s findings are arguably limited to exchanges based in Anglophone jurisdictions. The information published by the exchanges is variable, making “like-for-like” comparisons difficult in some areas.

The paper makes several recommendations that, if adopted, could help exchanges to increase the potency of their enforcement programmes.

A key aim of the paper is to shift the lens through which the debate concerning the efficacy of exchange-level oversight is conducted. Hitherto, a legal lens has been used, whereas this paper uses a behavioural lens.

The Cloud of Things (IoT) that refers to the integration of the Cloud Computing (CC) and the Internet of Things (IoT), has dramatically changed the way treatments are done in the ubiquitous computing world. This integration has become imperative because the important amount of data generated by IoT devices needs the CC as a storage and processing infrastructure. Unfortunately, security issues in CoT remain more critical since users and IoT devices continue to share computing as well as networking resources remotely. Moreover, preserving data privacy in such an environment is also a critical concern. Therefore, the CoT is continuously growing up security and privacy issues. This paper focused on security and privacy considerations by analyzing some potential challenges and risks that need to be resolved. To achieve that, the CoT architecture and existing applications have been investigated. Furthermore, a number of security as well as privacy concerns and issues as well as open challenges, are discussed in this work.

The purpose of the study is to identify cybersecurity threats that hinder the adoption of digital banking and provide sustainable strategies to combat cybersecurity risks in the banking industry.

Systematic literature review guidelines were used to conduct a quantitative synthesis of empirical evidence regarding the impact of cybersecurity threats and risks on the adoption of digital banking.

A total of 84 studies were initially examined, and after applying the selection and eligibility criteria for this systematic review, 58 studies were included. These selected articles consistently identified identity theft, malware attacks, phishing and vishing as significant cybersecurity threats that hinder the adoption of digital banking.

With the country’s banking sector being new in this area, this study contributes to the scant literature on cyber security, which is mostly in need due to the myriad breaches that the industry has already suffered thus far.

This study aims to investigate the contribution of blockchain technology to supply chain risk management and its impact on performance among Indian manufacturing companies.

Drawing on a resource-based view, dynamic capability and system of systems theory, this study examines the direct relationships between blockchain, supply chain risk management and supply chain performance. The authors validate the mediating effects of three supply chain risk management components, namely supply risk management, demand risk management and cyber security management, on financial transaction reliability and information reliability. Data were collected from 204 Indian manufacturing companies that have adopted blockchain technology.

The results demonstrate that companies adopting blockchain technology have experienced positive outcomes in managing supply chain-related risks, financial transaction reliability and information reliability. These findings provide valuable guidance to managers, highlighting blockchain as a competitive advantage for supply chain management.

To the best of the authors’ knowledge, no previous research on blockchain-based risk management capabilities has been conducted.

The purpose of this study is to review and synthesize the literature on in-app advertising, identify gaps and propose future research directions.

The authors use a systematic literature review (SLR) approach, following the PRISMA guidelines, to investigate the current state of research in in-app advertising. The study uses 44 shortlisted articles from the Scopus and Web of Science databases. Using the Theory-Context-Characteristics-Methodology (TCCM) framework, the authors analyze the gaps in theory, context, characteristics and methods.

Using thematic analysis, the authors identify five main themes in the in-app advertising literature, namely, ad platform optimization; mobile app user psychology and behavior; ad effectiveness; ad fraud; and security, privacy and other user concerns. The findings show the need for empirical research, with a strong theoretical foundation in emerging ad formats of in-app advertising, user behavior and buy-side of in-app advertising.

This is a maiden study to conduct a domain-based SLR in the emerging field of in-app advertising using the TCCM framework. The authors highlight the key differences between in-app advertising and mobile web advertising. The authors propose theories in the advertising field that could be used in future empirical studies of in-app advertising.

El propósito de esta investigación es revisar y sintetizar la literatura sobre la publicidad en Apps, identificar lagunas y proponer futuras direcciones de investigación.

Utilizamos un enfoque de revisión sistemática de la literatura, siguiendo las directrices PRISMA, para investigar el estado actual de la investigación en publicidad en aplicaciones. El estudio utiliza 44 artículos preseleccionados de las bases de datos Scopus y Web of Science (WoS). Utilizando el marco Teoría-Contexto-Características-Metodología (TCCM), analizamos las lagunas en teoría, contexto, características y métodos.

Mediante un análisis temático, identificamos cinco temas principales en la literatura sobre publicidad en aplicaciones, a saber: optimización de plataformas publicitarias; psicología y comportamiento de los usuarios de aplicaciones móviles; eficacia publicitaria; fraude publicitario; seguridad, privacidad y otras preocupaciones de los usuarios. Nuestros hallazgos muestran la necesidad de investigación empírica, con una sólida base teórica en los formatos publicitarios emergentes de la publicidad en Apps, el comportamiento del usuario y el buy-side de la publicidad en Apps.

Se trata de un estudio pionero para realizar una revisión sistemática de la literatura basada en el dominio en el campo emergente de la publicidad en Apps utilizando el marco TCCM. Destacamos las principales diferencias entre la publicidad en aplicaciones y la publicidad en la web para móviles. Proponemos teorías en el campo de la publicidad que podrían utilizarse en futuros estudios empíricos sobre la publicidad en Apps.

本研究旨在回顾和总结有关应用内广告的文献, 找出差距并提出未来的研究方向。

我们采用系统性文献综述方法, 遵循 PRISMA 指南, 调查应用内广告的研究现状。研究使用了 Scopus 和 Web of Science (WoS) 数据库中的 44 篇入围文章。利用理论-背景-特征-方法（TCCM）框架, 我们分析了理论、背景、特征和方法方面的差距。

通过主题分析, 我们确定了应用内广告文献的五大主题, 即广告平台优化; 移动应用用户心理和行为; 广告效果; 广告欺诈; 安全、隐私和其他用户关注点。我们的研究结果表明, 有必要在应用内广告的新兴广告形式、用户行为和应用内广告买方等方面开展实证研究, 并奠定坚实的理论基础。

这是一项首次使用 TCCM 框架对新兴的应用内广告领域进行基于领域的系统性文献综述的研究。我们强调了应用内广告与移动网络广告的主要区别。我们提出了广告领域的理论, 可用于未来的应用内广告实证研究。

The present work has proposed and employed an innovative hybrid method based on the combination of factor analysis and an artificial neural network (ANN) model to forecast customer satisfaction from the identified dimensions of service quality in India, a developing country.

The qualitative study is conducted with Internet banking users to understand e-banking clients' perceptions. The data is collected with the help of a questionnaire from randomly selected 208 customers in India. Firstly, factor analysis was performed to determine the influential factors of customer satisfaction, and four factors i.e. efficiency, reliability, security and privacy, and issue and problem handling were extracted accordingly. The neural network model is then applied to the factor scores to validate the key elements. Lastly, the comparative analysis of the actual ANN and the regression predicted result is done.

The success ability of the linear regression model is challenged when approximated to nonlinear problems such as customer satisfaction. It is concluded that the ANN model is a better fit than the linear regression model, and it can recognise the complex connections between the exogenous and endogenous variables. The results also show that reliability, security and privacy are the most influencing factors; however, problem handling and efficiency have the slightest effect on bank client satisfaction.

This research is conducted in India, and the sample is chosen from the urban area. The limitation of the purposeful sampling technique and the cross-sectional nature of the data may hamper the generalisation of the results.

The conclusions from the study will be helpful for policymakers, bankers and academicians. To our knowledge, few studies used ANN modelling to predict customer satisfaction in the service sector

The Denial of Service (DoS) attack is a category of intrusion that devours various services and resources of the organization by the dispersal of unusable traffic, so that reliable users are not capable of getting benefit from the services. In general, the DoS attackers preserve their independence by collaborating several victim machines and following authentic network traffic, which makes it more complex to detect the attack. Thus, these issues and demerits faced by existing DoS attack recognition schemes in cloud are specified as a major challenge to inventing a new attack recognition method.

This paper aims to detect DoS attack detection scheme, termed as sine cosine anti coronavirus optimization (SCACVO)-driven deep maxout network (DMN). The recorded log file is considered in this method for the attack detection process. Significant features are chosen based on Pearson correlation in the feature selection phase. The over sampling scheme is applied in the data augmentation phase, and then the attack detection is done using DMN. The DMN is trained by the SCACVO algorithm, which is formed by combining sine cosine optimization and anti-corona virus optimization techniques.

The SCACVO-based DMN offers maximum testing accuracy, true positive rate and true negative rate of 0.9412, 0.9541 and 0.9178, respectively.

The DoS attack detection using the proposed model is accurate and improves the effectiveness of the detection.

Internet of things (IoT) involves the connection of various devices. IoT’s application ranges from wearables: Smart Home Application, Health Care, Smart Offices, Smart Cities, Agriculture, and Industrial Automation. While the number of connected devices grows by the day, so does the number of security risks and vulnerabilities that these devices face. Billions of the connected devices collect and transmit huge volumes of data making Data Security one of the most pressing technical concerns in IoT. Smart Office is one of the increasing IoT applications and Data Security has become today one of the most challenging areas in its application. It is important to identify data security threats. This chapter therefore presents a review of IoT Smart Office Data Security Threats based on existing research done.

In the modern digital realm, while artificial intelligence (AI) technologies pave the way for unprecedented opportunities, they also give rise to intricate cybersecurity issues, including threats like deepfakes and unanticipated AI-induced risks. This study aims to address the insufficient exploration of AI cybersecurity awareness in the current literature.

Using in-depth surveys across varied sectors (N = 150), the authors analyzed the correlation between the absence of AI risk content in organizational cybersecurity awareness programs and its impact on employee awareness.

A significant AI-risk knowledge void was observed among users: despite frequent interaction with AI tools, a majority remain unaware of specialized AI threats. A pronounced knowledge difference existed between those that are trained in AI risks and those who are not, more apparent among non-technical personnel and sectors managing sensitive information.

This study paves the way for thorough research, allowing for refinement of awareness initiatives tailored to distinct industries.

It is imperative for organizations to emphasize AI risk training, especially among non-technical staff. Industries handling sensitive data should be at the forefront.

Ensuring employees are aware of AI-related threats can lead to a safer digital environment for both organizations and society at large, given the pervasive nature of AI in everyday life.

Unlike most of the papers about AI risks, the authors do not trust subjective data from second hand papers, but use objective authentic data from the authors’ own up-to-date anonymous survey.