The impact of social engineer attack phases on improved security countermeasures: Social engineer involvement as mediating variable

Abstract

The objective of this paper is to examine a model to identify social engineer attack phases to improve the security countermeasures by social-engineer involvement. A questionnaire was developed and distributed to a sample of 243 respondents who were actively engaged in three Jordanian telecommunication companies. All hypotheses were tested using PLS-SEM. The results of the study indicate that social engineer attack phases (identification the potential target, target recognition, decision approach, and execution) have a partially mediate and significant impact on improving the security countermeasures by social-engineer involvement. On the other hand, the social engineer attack phases (information aggregations, analysis and interpretation, armament, and influencing) have a fully mediate and significant impact on improving the security countermeasures by social-engineer involvement. The findings of this study help to provide deep insight to help security professionals prepare better and implement the right and appropriate countermeasures, whether technical or soft measures.