Skip to main content

Does Security Attitude Really Predict Susceptibility to Persuasion Tactics in Social Engineering Attempts?

Muhanad, A., Supti, T. I., Abuelezz, I., Yankouskaya, A., Khan, K. M., Barhamgi, M., Nhlabatsi, A. and Ali, R., 2025. Does Security Attitude Really Predict Susceptibility to Persuasion Tactics in Social Engineering Attempts? Information and Computer Security. (In Press)

Full text available as:

[thumbnail of Manuscript with Authors Details.pdf]
Preview
PDF
Manuscript with Authors Details.pdf - Accepted Version
Available under License Creative Commons Attribution Non-commercial.

536kB

DOI: 10.1108/ICS-11-2024-0280

Abstract

Purpose – This study investigates whether an individual’s security attitude (SA) predicts susceptibility to persuasion in social engineering (SE) attempts. Design/methodology/approach – We examined susceptibility to Cialdini's six principles of persuasion in SE contexts. 323 participants from the United Kingdom and 329 from Arab Gulf Cooperation Countries (Arab GCC) were surveyed. Participants were presented with 12 scenarios involving a request to download an app from a member of a social media group, six persuasive scenarios and six neutral counterparts. The six-item security attitude scale (SA-6) measured participants' attitudes toward security practices. Findings –Some positive correlations were found between SA and vulnerability to specific persuasion principles. Regression analyses indicated that SA was a significant predictor of vulnerability. Notably, higher SA was associated with slightly increased vulnerability in all significant models. Practical Implications – These findings highlight the need for effective strategies to resist SE attacks involving immunity to persuasion tactics. Individuals with higher security attitudes may be overconfident and underestimating risks. Originality – The effect of persuasion was uniquely distilled and measured by the difference between the impact of the persuasion scenario and its neutral version, representing a method novelty. Furthermore, it includes a sample from the Arab GCC, an often-neglected population in research. The paper is the first to compare SA, related to security knowledge-seeking and following security recommendations, with psychological immunity to persuasion in a security context.

Item Type:Article
ISSN:2056-4961
Uncontrolled Keywords:Social engineering; Security attitude; Persuasion; Cialdini principles; Risk-taking; Arab; UK
Group:Faculty of Science & Technology
ID Code:40898
Deposited By: Symplectic RT2
Deposited On:31 Mar 2025 10:34
Last Modified:31 Mar 2025 10:34

Downloads

Downloads per month over past year

More statistics for this item...
Repository Staff Only -