Search results

This study aims to examine how social engineers use persuasion principles during vishing attacks.

In total, 86 examples of real-world vishing attacks were found in articles and videos. Each example was coded to determine which persuasion principles were present in that attack and how they were implemented, i.e. what specific elements of the attack contributed to the presence of each persuasion principle.

Authority (A), social proof (S) and distraction (D) were the most widely used persuasion principles in vishing attacks, followed by liking, similarity and deception (L). These four persuasion principles occurred in a majority of vishing attacks, while commitment, reciprocation and consistency (C) did not. Further, certain sets of persuasion principles (i.e. authority, distraction, liking, similarity, and deception and social proof; , authority, commitment, reciprocation, and consistency, distraction, liking, similarity and deception, and social proof; and authority, distraction and social proof) were used more than others. It was noteworthy that despite their similarities, those sets of persuasion principles were implemented in different ways, and certain specific ways of implementing certain persuasion principles (e.g. vishers claiming to have authority over the victim) were quite rare.

To the best of authors’ knowledge, this study is the first to investigate how social engineers use persuasion principles during vishing attacks. As such, it provides important insight into how social engineers implement vishing attacks and lays a critical foundation for future research investigating the psychological aspects of vishing attacks. The present results have important implications for vishing countermeasures and education.

The purpose of the study is to identify cybersecurity threats that hinder the adoption of digital banking and provide sustainable strategies to combat cybersecurity risks in the banking industry.

Systematic literature review guidelines were used to conduct a quantitative synthesis of empirical evidence regarding the impact of cybersecurity threats and risks on the adoption of digital banking.

A total of 84 studies were initially examined, and after applying the selection and eligibility criteria for this systematic review, 58 studies were included. These selected articles consistently identified identity theft, malware attacks, phishing and vishing as significant cybersecurity threats that hinder the adoption of digital banking.

With the country’s banking sector being new in this area, this study contributes to the scant literature on cyber security, which is mostly in need due to the myriad breaches that the industry has already suffered thus far.

This study aims to investigate how phishers apply persuasion principles and construct deceptive URLs in mobile instant messaging (MIM) phishing.

In total, 67 examples of real-world MIM phishing attacks were collected from various online sources. Each example was coded using established guidelines from the literature to identify the persuasion principles, and the URL construction techniques employed.

The principles of social proof, liking and authority were the most widely used in MIM phishing, followed by scarcity and reciprocity. Most phishing examples use three persuasion principles, often a combination of authority, liking and social proof. In contrast to email phishing but similar to vishing, the social proof principle was the most commonly used in MIM phishing. Phishers implement the social proof principle in different ways, most commonly by claiming that other users have already acted (e.g. crafting messages that indicate the sender has already benefited from the scam). In contrast to email, retail and fintech companies are the most commonly targeted in MIM phishing. Furthermore, phishers created deceptive URLs using multiple URL obfuscation techniques, often using spoofed domains, to make the URL complex by adding random characters and using homoglyphs.

The insights from this study provide a theoretical foundation for future research on the psychological aspects of phishing in MIM apps. The study provides recommendations that software developers should consider when developing automated anti-phishing solutions for MIM apps and proposes a set of MIM phishing awareness training tips.

The case fosters discussions on basic concepts of entrepreneurship that include building a minimum viable product before launching a finished product, the importance of doing market research for early-stage startups, challenges in understanding an unfamiliar domain or industry and understanding the dynamics of business to business market.

Team Arnetta’s founders were interviewed in relation to the case. After the initial round of interviews, a product demonstration was given by Arnetta. Follow up interviews were conducted to delve-deeper into the problem while secondary research was conducted to understand the market dynamics and competitive landscape at the point in time in the case.

The four founders of Arnetta Technologies debate go-to-market timing for Integrated Breeding and Research Management Software, a data handling software for the R&D process followed by seed enterprises in India. The founders had spent over US$75,000 on the product development on which they had been working for more than one year. Two of the founders had given up their full-time jobs to work dedicatedly on the venture. The product was being customized to the requirements of their only client. Product development was taking longer than anticipated. To add to the challenges, international competitors had started capturing the Indian market. The founders had two options. First, they could wait and finish the product development before reaching out to their prospective clients – leading to delays and losing out on the market. Second, they could reach out to prospective clients and convince them to use the work-in-progress version of the product – which could turn out to be a deal breaker. The founders had to come to a consensus soon.

The case is intended for students in undergraduate or graduate-level courses related to entrepreneurship, new venture creation, innovation management and business management.

This paper aims to verify the brand image effects of holding a sport mega-event by investigating the host city's influence on the country's branding, as a tourist destination.

This research considered the Rio 2016 Olympic Games and uses quantitative methods: exploratory factor analysis and regression. Data were collected by structured questionnaires with a sample of (n = 274) international respondents with high international travel experience.

Rio de Janeiro's 2016 host city image positively predicted Brazil's tourist destination image. Both cognitive and affective image dimensions of Rio as a host city predicted Brazil's destination image, but the cognitive image dimensions demonstrated more impact.

Even in a mega-event context, city marketing strategies should be planned and executed with a focus on the country's destination image.

The study contributes by focusing on presenting the importance of the host city image dimensions to the host country destination image in a sports mega-event context. The study investigated a new approach, the impacts of affective and cognitive dimensions in the overall destination image considering two connected destinations and the hosting of a sport mega-event, a condition not found in the literature thus far.

The purpose of this study is to discuss the harmful use of deepfakes in an organizational context, based on the only two cases the authors found that were addressed by the media from the perspective of corporate fraud. This study offers an overview of deepfake technology, and in particular, examines five W questions to better decipher the impact of these tools on organizations: What is deepfake? Who is the fraudster and who is targeted? Why use them and how? And What after? Based on these five W questions, this study provides an in-depth discussion of the two cases identified. Even though this technology has several advantages, this study examines its dark side.

Using comparative analysis, the authors study the only two known and publicized fraud cases by using deepfakes that have targeted chief executive officers to date.

The paper provides an extensive picture of the unethical and illicit use of deepfakes in an organizational context and discusses how this technology could affect fraud risk. In addition, the analysis of cases shows that voice-generating software, combined with other fraud schemes such as business email compromise, facilitates the commission of the fraud, as the victims feel confident because they recognize the speaker’s voice and emails. The analysis shows that any organization could be vulnerable to this technology. The median costs of this type of fraud can be high. For the two cases identified, the estimated losses amounted to US$243,000 and US$35,000,000, respectively.

This paper adds new insights to the scarce research on deepfakes and financial crime by investigating the causes and consequences of the unethical and illicit use of deepfakes. It has several implications for organizations, boards of directors, management and regulatory authorities.

The purpose of the present study is to propose identifying similar characteristics and managerial actions of the sector brand identity elements among the associations that compound the Brasil Fashion System (BFS) brand.

An exploratory qualitative research was developed through in-depth interviews conducted with associations of the Brazilian fashion sector.

The results indicate that there are characteristics of the elements of brand identity that are similar between the associations that compound the BFS brand. However, there are also several distinct characteristics among them, which makes it difficult, in large part, to consolidate the brand identity of the Brazilian fashion industry abroad.

Moreover, it was indicated that for sectorial brand cases with a great divergence among brand partners, the creation of sub-sectorial brand specific for each partner could bring better results, as in this way, brands could be created with more suitable attributes for each partner, which will better suit their target audiences.

A practical contribution is also obtained, as the study can help in elaborating upon improvements for the sectorial brands that represent a large partners group.

An empirical evidence of how to identify common attributes between sectorial brand partners was presented to have a consolidated brand image in the external market.

This chapter explores the laws and unique challenges associated with the investigation and prosecution of cybercrime. Crimes that involve the misuse of computers (e.g., hacking, denial of service, and ransomware attacks) and criminal activity that uses computers to commit the act are both covered (e.g., fraud, theft, and money laundering). This chapter also describes the roles of the various federal agencies involved in investigating cybercrime, common cybercrime terms and trends, the statutes frequently used to prosecute cybercrimes, and the challenges and complexity of investigating cybercrime.

The purpose of this paper is to propose a framework to address the problem that email users are not well-informed or assisted by their email clients in identifying possible phishing attacks, thereby putting their personal information at risk. This paper therefore addresses the human weakness (i.e. the user’s lack of knowledge of phishing attacks which causes them to fall victim to such attacks) as well as the software related issue of email clients not visually assisting and guiding the users through the user interface.

A literature study was conducted in the main field of information security with a specific focus on understanding phishing attacks and a modelling technique was used to represent the proposed framework. This paper argues that the framework can be suitably implemented for email clients to raise awareness about phishing attacks. To validate the framework as a plausible mechanism, it was reviewed by a focus group within the School of Information and Communication Technology (ICT) at the Nelson Mandela Metropolitan University (NMMU). The focus group consisted of academics and research students in the field of information security.

This paper argues that email clients should make use of feedback mechanisms to present security related aspects to their users, so as to make them aware of the characteristics pertaining to phishing attacks. To support this argument, it presents a framework to assist email users in the identification of phishing attacks.

Future research would yield interesting results if the proposed framework were implemented into an existing email client to determine the effect of the framework on the user’s level of awareness of phishing attacks. Furthermore, the list of characteristics could be expanded to include all phishing types (such as clone phishing, smishing, vishing and pharming). This would make the framework more dynamic in that it could then address all forms of phishing attacks.

The proposed framework could enable email clients to provide assistance through the user interface. Visibly relaying the security level to the users of the email client, and providing short descriptions as to why a certain email is considered suspicious, could result in raising the awareness of the average email user with regard to phishing attacks.

This research presents a framework that email clients can use to identify common forms of normal and spear phishing attacks. The proposed framework addresses the problem that the average Internet user lacks a baseline level of online security awareness. It argues that the email client is the ideal place to raise the awareness of users regarding phishing attacks.

A new research program has been established that determines the nature and extent of consumer socialization of children throughout the industrialized world. The first three nations' children to be studied were those in Hong Kong, New Zealand, and Taiwan. This paper describes this program, the results of the three consumer socialization studies, and provides cross‐comparisons among the three nations and the United States.