Abstract
The explosion of online social networking (OSN) in recent years has caused damages to organisations due to leakage of information by their employees. Employees’ social networking behaviour, whether accidental or intentional, provides an opportunity for advanced persistent threats (APT) attackers to realise their social engineering techniques and undetectable zero-day exploits. APT attackers use a spear-phishing method that targeted on key employees of victim organisations through social media in order to conduct reconnaissance and theft of confidential proprietary information. This conceptual paper posits OSN as the most challenging channel of information leakage and provides an explanation about the underlying factors of employees leaking information via this channel through a theoretical lens from information systems. It also describes how OSN becomes an attack vector of APT owing to employees’ social networking behaviour, and finally, recommends security education, training and awareness (SETA) for organisations to combat these threats.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
