@inproceedings{7195aa285db44bb8bf844a027155a1cf,
title = "Telephone-based social engineering attacks: An experiment testing the success and time decay of an intervention",
abstract = "The objective of this study is to get insight into the effectiveness of an information campaign to counter a social engineering attack via the telephone. Four different offenders phoned 48 employees and made them believe that their PC was distributing spam emails. Targets were told that this unfortunate situation could be solved by downloading and executing software from a website (i.e. an untrusted one). A total of 46.15 % of the employees not exposed to the intervention followed the instructions of the offender. This was significantly different to those exposed to an intervention 1 week prior to the attack (9.1%); however there was no effect for those exposed to an intervention 2 weeks prior to the attack (54.6%). This research suggests that scam awareness-raising campaigns reduce vulnerability only in the short term.",
keywords = "SCS-Cybersecurity, EC Grant Agreement nr.: FP7/2007-2013, EC Grant Agreement nr.: FP7/318003, Retention, Scam, Training, IR-98314, Social Engineering, Time, EWI-26500, Awareness, Decay, METIS-315056, Telephone",
author = "Jan-Willem Bullee and L. Montoya and Marianne Junger and Hartel, {Pieter H.}",
note = "Foreground = 100%; Type of activity = conference; Main leader =UT; Type of audience = scientific community, industry; Size of audience = 150; Countries addressed = international;; Singapore Cyber Security R&D Conference, SG-CRC 2015 ; Conference date: 14-01-2016 Through 15-01-2016",
year = "2016",
month = jan,
doi = "10.3233/978-1-61499-617-0-107",
language = "Undefined",
isbn = "978-1-61499-616-3",
series = "Cryptology and Information Security Series",
publisher = "IOS",
pages = "107--114",
editor = "A. Mathur and A. Roychoudhury",
booktitle = "Proceedings of the inaugural Singapore Cyber Security R&D Conference (SG-CRC 2016)",
address = "Netherlands",
}