The increasing prevalence of digital communication has made students a primary target for various cyber threats, including identity deception and impersonation techniques that can lead to data breaches and financial loss. In Saudi Arabia, where the youth population is digitally active and integrated into online learning environments, understanding their vulnerability to such threats is paramount. This paper investigates university students’ awareness, confidence, and behavioral responses to different types of spoofing attacks, including email, SMS, caller ID, and website spoofing, in Saudi Arabia. A survey was conducted to gather data from 1437 students at Saudi Electronic University, and it was analyzed using a quantitative research methodology and different statistical tests, such as Chi-square tests, Friedman tests, Kruskal–Wallis tests, correlation analysis, and regression models. The analysis results indicate that students exhibit a relatively high level of awareness. However, awareness and confidence vary across demographic groups, with significant differences associated with gender and age group. The results also reveal a significant gap between perceived confidence and detection ability in scenario-based assessments, highlighting that self-reported awareness does not necessarily translate into practical identification skills. The study emphasizes the importance of strengthening practical cybersecurity education, simulation-based training, and effective awareness delivery methods to improve students’ ability to recognize impersonation-based cyber threats in the Saudi educational sector.
Niddal Imam (Sun,) studied this question.