Open Access
ARTICLE
Assessing User’s Susceptibility and Awareness of Cybersecurity Threats
College of Computers and Information Technology, Taif University, Taif, 21944, Saudi Arabia
* Corresponding Author: Maha M. Althobaiti. Email:
(This article belongs to the Special Issue: Humans and Cyber Security Behaviour)
Intelligent Automation & Soft Computing 2021, 28(1), 167-177. https://doi.org/10.32604/iasc.2021.016660
Received 07 January 2021; Accepted 07 February 2021; Issue published 17 March 2021
Abstract
Cybersecurity threats, including those involving machine learning, malware, phishing, and cryptocurrency, have become more sophisticated. They target sensitive information and put institutions, governments, and individuals in a continual state of risk. In 2019, phishing attacks became one of the most common and dangerous cyber threats. Such attacks attempt to steal sensitive data, such as login and payment card details, from financial, social, and educational websites. Many universities have suffered data breaches, serving as a prime example of victims of attacks on educational websites. Owing to advances in phishing tactics, strategies, and technologies, the end-user is the main victim of an attack scenario. According to several studies, the end-user can play a significant role in preventing a phishing attack. Therefore, this study was conducted to investigate the levels of user awareness regarding cyber threats and explore the relationship between the knowledge on cybercrimes and the awareness of phishing, within the context of cybercrime targeting educational websites. An observational experiment using ‘think aloud’ method was conducted with 20 students from Taif University. The results indicated that although the participants demonstrated an advanced level of information technology experience as specialists in computer science and computer engineering, their susceptibility to phishing was high. The results of this study will contribute to the cybersecurity research field in terms of proposing risk management plans, delivering embedded training to end-users, and improving spam detecting tools.Keywords
Cite This Article
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.