Exploiting the Human Factor: Social Engineering Attacks on Cryptocurrency Users

Weber, Kristin; Schütz, Andreas E.; Fertig, Tobias; Müller, Nicholas H.

doi:10.1007/978-3-030-50506-6_45

Cited by 23 publications

(16 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The social engineering attack (SEA) is defined as an action, where “an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems” [ 184 ]. Social engineering is targeting Internet-related systems in particular, and is increasingly being applied to cryptocurrency users [ 185 ].…”

Section: Social Engineering Attacks and Countermeasuresmentioning

confidence: 99%

See 1 more Smart Citation

Security of Cryptocurrencies: A View on the State-of-the-Art Research and Current Developments

Weichbroth

Wereszko

Anacka

et al. 2023

Sensors

View full text Add to dashboard Cite

[Context] The goal of security is to protect digital assets, devices, and services from being disrupted, exploited or stolen by unauthorized users. It is also about having reliable information available at the right time. [Motivation] Since the inception in 2009 of the first cryptocurrency, few studies have been undertaken to analyze and review the state-of-the-art research and current developments with respect to the security of cryptocurrencies. [Purpose] We aim to provide both theoretical and empirical insights into the security landscape, in particular focusing on both technical solutions and human-related facets. [Methodology] We used an integrative review which could help in building science and scholarly research, the basis for conceptual and empirical models. [Results] Successful defense against cyberattacks depends on technical measures on the one hand, as well as on self-education and training with the aim to develop competence, knowledge, skills and social abilities, on the other. [Contribution] Our findings provide a comprehensive review for the major achievements and developments of the recent progress on the security of cryptocurrencies. [Future research] Since there is increasing interest in adoption of the current solutions within the central bank digital currencies, the future research should explore the development and inception of effective measures against social engineering attacks, which still remain the main concern.

show abstract

Section: Social Engineering Attacks and Countermeasuresmentioning

confidence: 99%

“…Social engineering attacks on cryptocurrency users exploit the human factor [ 185 ]. Socially based cyberattacks can appear by employing various acts, such as tailgating, impersonating, eavesdropping, shoulder surfing, dumpster diving, reverse social engineering, and others [ 197 ].…”

Section: Social Engineering Attacks and Countermeasuresmentioning

confidence: 99%

Security of Cryptocurrencies: A View on the State-of-the-Art Research and Current Developments

Weichbroth

Wereszko

Anacka

et al. 2023

Sensors

View full text Add to dashboard Cite

show abstract

“…4,34,35 Social engineering attacks deal with people's behavior and their emotions, and the attacks may be mitigated by social engineering awareness. 36,37 Weber et al 38 argued that security is not a technological problem but rather a people problem. There is need to raise awareness to the human being as a target and attacker.…”

Section: Theoretical Framework Alignmentmentioning

confidence: 99%

Enhanced social engineering framework mitigating against social engineering attacks in higher education

Matyokurehwa

Rudhumbu

Gombiro

et al. 2022

Security and Privacy

View full text Add to dashboard Cite

The purpose of this paper was to develop and validate an enhanced social engineering framework to mitigate against social engineering attacks. The study formulated a theoretical framework which was informed by the strengths and weaknesses of existing social engineering frameworks, the framework was also guided by the Dhillon's balanced control theory. The theoretical framework was validated by experts using the Delphi technique which comprised of three rounds. A sample of 25 experts from three higher education institutions which met the inclusion criteria were selected. The study was guided by the interpretivism philosophy to get a deep understanding of the phenomenon under study. The findings reveal that social engineering awareness, organizational security policy and Internet of Things (IOT) security succor in reducing social engineering attacks. The findings from this study will be utilized by decision makers in higher education sector to come up with engaging social engineering training programs, set up an organizational security policy and preclude IOT attacks to mitigate social engineering attacks in higher education. The study contributes to the field of social engineering with an enhanced social engineering framework that mitigate against social engineering attacks. The study adds to under-represented social engineering framework in higher education.

show abstract

“…In November 2017, cybercriminals used a fake Twitter account (@RedPulseNEO) to lure victims to a phishing website (redpulsetoken.co), promising to offer an airdrop (free tokens) for a limited period. Asking the victim to enter the private key of their NEO wallet to claim the bonus, criminals stole the victim's funds [8]. Next attack was Fake Twitter Accounts, 2018: Twitter is a popular social media platform within the cryptocurrency community where all-important players of blockchain and digital economy have Twitter accounts.…”

Section: Introductionmentioning

confidence: 99%

“…Several followers transferred ETH to the fake addresses. In this attack pretexting was used as a social engineering attack technique [8]. Similarly, next to social engineering attack was Ethereum Classic attack, 2017: In 2017, several people lost thousands of dollars of cryptocurrency after Ethereum Classic website was hacked where the owner of Classic Ether Wallet was impersonated, gained access to the domain registry and then redirected the domains to their servers.…”

Section: Introductionmentioning

confidence: 99%

Systematic Review on Social Engineering: Hacking by Manipulating Humans

Bhusal¹

2021

JIS

View full text Add to dashboard Cite

Despite the availability of advanced security software and hardware mechanisms available, still, there has been a breach in the defence system of an organization or individual. Social engineering mostly targets the weakest link in the security system i.e. "Humans" for gaining access to sensitive information by manipulating human psychology. Social engineering attacks are arduous to defend as such attacks are not easily detected by available security software or hardware. This article surveys recent studies on social engineering attacks with discussion on the social engineering phases and categorizing the various attacks into two groups. The main aim of this survey is to examine the various social engineering attacks on individuals and countermeasures against social engineering attacks are also discussed.

show abstract

Exploiting the Human Factor: Social Engineering Attacks on Cryptocurrency Users

Cited by 23 publications

References 35 publications

Security of Cryptocurrencies: A View on the State-of-the-Art Research and Current Developments

Security of Cryptocurrencies: A View on the State-of-the-Art Research and Current Developments

Enhanced social engineering framework mitigating against social engineering attacks in higher education

Systematic Review on Social Engineering: Hacking by Manipulating Humans

Contact Info

Product

Resources

About