Russian Federation
Russian Federation
Various information resources focus on social engineering methods as the most significant threats to the information security of organizations and the financial sector. Despite the development of technical, organizational, lawmaking and other security measures, the threats caused by social engineering attacks remain relevant. This article describes an overview of published dissertations and research articles that have investigated the mechanisms of social engineering attacks and defensive mechanisms. The article also provides a description of the ideas for developing new protection methods, the scope of application of these instruments, capabilities and limitations. In the course of the analysis of the defensive methods against social engineering attacks proposed in scientific works, a list of similarities and completeness of the description of the information security violator, attack channels, the main stages of the impact, the proposed protective measures is presented, and also a scientific novelty.
social engineering, information security, intruder model, review of scientific works, literary analysis
1. Azarov A.A. Veroyatnostno-relyacionnye modeli i algoritmy obrabotki profilya uyazvimostej pol'zovatelej pri analize zashchishchyonnosti personala informacionnyh sistem ot socioinzhenernyh atak: dis. … kand. tekhn. nauk. SPb., 2013. 232 s.
2. Abramov M.V. Metody i algoritmy analiza zashchishchyonnosti pol'zovatelej informacionnyh sistem ot socioinzhenernyh atak: ocenka parametrov modelej: dis. … kand. tekhn. nauk. SPb., 2018. 232 s.
3. Starostenko N.I. Pervonachal'nyj etap rassledovaniya hishchenij, sovershennyh s primeneniem metodov social'noj inzhenerii i informacionno-telekommunikacionnyh tekhnologij: dis. … kand. yurid. nauk. Krasnodar, 2023. 230 s.
4. Zotina E.V. Moshennichestvo s ispol'zovaniem informacionno-telekommunikacionnyh tekhnologij i priemov social'noj inzhenerii: kriminologicheskoe issledovanie: dis. … kand. yurid. nauk. Kazan', 2024. 249 s.
5. Aldawood H.A. An Awareness Policy Framework for Cyber Security Social Engineering Threats: diss. The University of Newcastle, Australia. 2020.
6. Social Engineering Defense Mechanisms and InfoSec Policies: A Survey and Qualitative Analysis. URL: https://escholarship.org/uc/item/7h783589 (data obrashcheniya: 20.08.2025).
7. The impact of source characteristics on users\' susceptibility to social engineering Victimization in social networks. URL: https://eprints.qut.edu.au/95604/ (data obrashcheniya: 23.08.2025).
8. A user-centric framework for addressing vulnerability to social engineering in social networks: a mixed methods study of a Saudi academic community. URL: https://stax.strath.ac.uk/concern/theses/n009w2322 (data obrashcheniya: 26.08.2025).
9. Bullee, J-W. Enschede: Centre for Telematics and Information Technology (CTIT). URL: https://research.utwente.nl/en/publications/experimental-social-engineering-investigation-and-prevention/ (data obrashcheniya: 26.08.2025).
10. Utilising the concept of human-as-a-security-sensor for detecting semantic social engineering attacks. URL: https://gala.gre.ac.uk/id/eprint/23420/ (data obrashcheniya: 30.08.2025).
11. Mouton F. Social engineering attack detection model: diss. University of Pretoria, South Africa. 2018.
12. Kikerpill K. Crime-as-communication: detecting diagnostically useful information from the content and context of social engineering attacks. 2021.
13. Vargis J. M. Analyzing COVID-19 Era Cyber Threats on the Elderly: Toward Realizing N-Of-1 Countermeasures to Enhance Cyber Situational Awareness of Social Engineering Attacks: diss. Marymount University, 2023. DOIhttps://doi.org/10.13140/RG.2.2.25092.81289.
14. Social engineering, imperfect human / J. Neumeier [et al.] // Economic Vector. 2022. № 2 (29). P. 11–16. DOI:https://doi.org/10.36807/2411-7269-2022-2-29-11-16.
15. Destruktivnaya social'naya inzheneriya kak ugroza ekonomicheskoj bezopasnosti: masshtaby yavleniya i mery predotvrashcheniya / L. V. Sanina [i dr.] // Baikal Research Journal. 2021. T. 12. № 2. DOI:https://doi.org/10.17150/2411-6262.2021.12(2).14.
16. Zhurin S.I., D.E. Komarkov Zashchita vneshnego informacionnogo perimetra organizacii ot celevogo fishinga // Bezopasnost' informacionnyh tekhnologij. 2018. T. 25. № 4. S. 95–107.
17. Fedosenko M.Yu., Menshchikov A.A. Vozmozhnosti primeneniya metodov social'noj inzhenerii v organizacii telefonnogo moshennichestva // Ekonomika i kachestvo sistema svyazi. 2021. № 4 (22). S. 36–47.
18. Naumova K.D., Radygin V.Yu. Issledovanie osnovnyh metodov protivodejstviya atakam, osnovannym na metodah social'noj inzhenerii, na predmet ih effektivnosti i primenimosti k sovremennoj situacii v RF // Innovacionnye mekhanizmy upravleniya cifrovoj i regional'noj ekonomikoj: sb. materialov V Mezhdunar. stud. nauch. konf. Moskva, 2023. S. 145–158.
19. Issledovanie mekhanizmov social'noj inzhenerii i analiz metodov protivodejstviya / V.Yu. Evglevskij [i dr.] // Elektronnyj setevoj politematicheskij zhurnal «Nauchnye trudy KubGTU». 2021. № 2. S. 57–68.
20. Vorob'eva I.A., Sazonov A.I. Metody social'noj inzhenerii v kontekste kiberbezopasnosti // Colloquium-Journal. 2020. № 8-1 (60). S. 65–70.
21. Polyanskaya E.P. Ispol'zovanie informacionno-telekommunikacionnyh tekhnologij v metodah social'noj inzhenerii // Kriminologicheskij zhurnal. 2023. № 1. S. 204–209. DOI:https://doi.org/10.24412/2687-0185-2023-1-204-209.
22. Maksimenko R.O., Zvyaginceva P.A. Tipovoj algoritm vozdejstviya v social'noj inzhenerii // Interekspo Geo-Sibir'. 2019. T. 6. № 2. S. 33–38. DOI:https://doi.org/10.33764/2618-981X-2019-6-2-33-38.
23. Rao U. H., Nayak U. Social engineering // The InfoSec Handbook: An Introduction to Information Security. Berkeley, CA: Apress, 2014. P. 307–323. DOI:https://doi.org/10.1007/978-1-4302-6383-8_15.
24. Advanced social engineering attacks / K. Krombholz [et al.] // Journal of Information Security and applications. 2015. T. 22. P. 113–122. DOI:https://doi.org/10.1016/j.jisa.2014.09.005.
25. Generic taxonomy of social engineering attack and defence mechanism for handheld computer study / C.F.M. Foozy [et al.] // Malaysian Technical Universities International Conference on Engineering & Technology, Batu Pahat, Johor. 2011.
26. A comprehensive survey on social engineering-based attacks on social networks / A. Naz [et al.] // International Journal of Advanced and Applied Sciences. 2024. T. 11. №. 4. S. 139–154. DOI:https://doi.org/10.21833/ijaas.2024.04.016.
27. Salahdine F., Kaabouch N. Social engineering attacks: A survey // Future internet. 2019. T. 11. №. 4. S. 89. DOI:https://doi.org/10.3390/fi11040089.
28. SEAtech: Deception Techniques in Social Engineering Attacks: An Analysis of Emerging Trends and Countermeasures / D. Chapagain [et al.] // arXiv preprint arXiv:2408.02092. 2024. DOI:https://doi.org/10.48550/arXiv.2408.02092.
29. Alnusif M. Emerging Threats in Cybersecurity: A Comprehensive Analysis of DDoS and Social Engineering Attacks // International Journal of Engineering and Computer Science. 2025. Vol. 13, Iss. 07. P. 27473–27487. DOI:https://doi.org/10.18535/ijecs.v14i07.5185.
30. Huseynov F., Ozdenizci Kose B. Using machine learning algorithms to predict individuals’ tendency to be victim of social engineering attacks // Information Development. 2024. T. 40. №. 2. S. 298–318. DOI:https://doi.org/10.1177/02666669221116336.
31. Komashinskij D.V., Kotenko I.V., Chechulin A.A. Kategorirovanie veb-sajtov dlya blokirovaniya veb-stranic s nepriemlemym soderzhimym // Sistemy vysokoj dostupnosti. 2011. T. 7. № 2. S. 102–106.
32. Dajneko A.S., Kyuner A.P., Chechulin A.A. Social'naya inzheneriya. Harakteristiki atakuyushchego i skhema ataki // Vestnik Sankt-Peterburgskogo gosudarstvennogo universiteta tekhnologii i dizajna. Ser. 1: Estestvennye i tekhnicheskie nauki. 2024. № 3. S. 68–74. DOI:https://doi.org/10.46418/2079-8199_2024_3_11.
