Human Susceptibility to Social Engineering Attacks: an innovative approach to social change

Cyber threats are genuine in today's information age and are a concern to organizations and individuals. Threats like malware, man-in-the-middle attacks, social engineering, and denial of service are disturbing everyday life. A Social Engineering attack occurs when someone targets a person or entity's social aspects to gain compliance, confidence, and trust, leading them to reveal data or change their behavior on behalf of the attacker. It involves manipulating people to perform actions or disclose confidential information. The post-COVID era has seen a sharp increase in cyber fraud cases, particularly against the older generation. Social engineering attacks, however, are an area where theory-based empirical research has been scarce for the past few years. Although there is a significant corpus of anecdotal literature, the causes of successful attacks are still mostly unknown. A preliminary study was conducted through a survey related to security knowledge, awareness, social engineering, phishing, scams, Internet usage, education, and organization. This paper aims to understand the awareness among people significantly above 45 years of age regarding this type of information security threat.