Lack of security awareness - Social engineering attacks work because of the availability heuristic, the law of reciprocity, and the law of consistency. In the past, people have had experiences where a co-worker with a legitimate problem asked for help and was grateful for it. So, by consistency, they feel the urge to help others again the way they've helped somebody in the past. By availability, when someone asks for help, they associate that request with every legitimate cry for help, and with times when they needed help themselves and were helped; essentially, they're being a good Samaritan. If an awareness program were implemented that made employees aware of social engineering tactics, they would be more likely to think about them and be more suspicious of an attack when someone does ask for a favor. With this knowledge as part of their intuition, an employee will make a smarter decision.