Options
The dark side of social networking sites : Understanding phishing risks
Journal
Computers in Human Behavior
ISSN
0747-5632
ISSN-Digital
1873-7692
Type
journal article
Date Issued
2016-07-01
Author(s)
Research Team
IWI3
Abstract
LinkedIn, with over 1.5 million Groups, has become a popular place for business employees to create private groups to exchange information and communicate. Recent research on social networking sites (SNSs) has widely explored the phenomenon and its positive effects on firms. However, social networking's negative effects on information security were not adequately addressed. Supported by the credibility, persuasion and motivation theories, we conducted 1) a field experiment, demonstrating how sensitive organizational data can be exploited, followed by 2) a qualitative study of employees engaged in SNSs activities; and 3) interviews with Chief Information Security Officers (CISOs). Our research has resulted in four main findings: 1) employees are easily deceived and susceptible to victimization on SNSs where contextual elements provide psychological triggers to attackers; 2) organizations lack mechanisms to control SNS online security threats, 3) companies need to strengthen their information security policies related to SNSs, where stronger employee identification and authentication is needed, and 4) SNSs have become important security holes where, with the use of social engineering techniques, malicious attacks are easily facilitated.
Language
English
Keywords
Social networking sites
Field experiment
Deception
Employee psychology
HSG Classification
not classified
HSG Profile Area
SoM - Business Innovation
Refereed
Yes
Publisher
Elsevier
Publisher place
Amsterdam [u.a.]
Volume
60
Start page
35
End page
43
Pages
9
Subject(s)
Division(s)
Eprints ID
247617