PHISHING AWARENESS AND SECURITY CONCERNS: ANALYZING THE ROLE OF ANTI-PHISHING KNOWLEDGE AND INTERNET EXPERIENCE IN ONLINE BANKING USERS

Personal Information Protection Law of the People's Republic of China, which came into effect in November of 2021, formally established the legal procedures concerning informed consent in the collection of personal information. The law specifies that personal biometric information is officially considered sensitive personal information. It imposes more stringent requirements for its collection and processing in order to ensure that the information rights of the information subjects remain protected. Based on the understanding of technical risks involved in securing personal biometric information, as well as the inherent risks of information privacy in general, this paper will systematically review the current rules concerning informed consent in the collection of personal biometric information as stipulated by Chinese laws and regulations, as well as other national standards. Taking existing issues as guidance, we will also explore the compliance and regulation of the commercial use of personal biometric information under the informed consent regulations by determining the most common instances in which these rules were violated in practice.

People rely on data-driven AI technologies nearly every time they go online, whether they are shopping, scrolling through news feeds, or looking for entertainment. Yet despite their ubiquity, personalization algorithms and the associated large-scale collection of personal data have largely escaped public scrutiny. Policy makers who wish to introduce regulations that respect people’s attitudes towards privacy and algorithmic personalization on the Internet would greatly benefit from knowing how people perceive personalization and personal data collection. To contribute to an empirical foundation for this knowledge, we surveyed public attitudes towards key aspects of algorithmic personalization and people’s data privacy concerns and behavior using representative online samples in Germany (N = 1065), Great Britain (N = 1092), and the United States (N = 1059). Our findings show that people object to the collection and use of sensitive personal information and to the personalization of political campaigning and, in Germany and Great Britain, to the personalization of news sources. Encouragingly, attitudes are independent of political preferences: People across the political spectrum share the same concerns about their data privacy and show similar levels of acceptance regarding personalized digital services and the use of private data for personalization. We also found an acceptability gap: People are more accepting of personalized services than of the collection of personal data and information required for these services. A large majority of respondents rated, on average, personalized services as more acceptable than the collection of personal information or data. The acceptability gap can be observed at both the aggregate and the individual level. Across countries, between 64% and 75% of respondents showed an acceptability gap. Our findings suggest a need for transparent algorithmic personalization that minimizes use of personal data, respects people’s preferences on personalization, is easy to adjust, and does not extend to political advertising.

The development of modern digital technology has created opportunities for online retailing. In order to fully develop the online market, increase consumer satisfaction by providing personalised products and services, and thus increase customer stickiness and develop potential markets, online retailers often collect personal information of their customers through online questionnaires and other means. However, it is unavoidable that this marketing method raises questions about consumers' personal privacy. For this reason, this study examined the correlation between the parameters governing corporations' acquisition of customers' personally identifiable information and customers' proclivity for divulging such personal data, using the Chinese youth population as an example. The data for this research was gathered through an online questionnaire administered to a sample of 159 respondents, and subsequently subjected to correlation and regression analyses for testing. The study's findings demonstrate a significant positive impact of merchants' boundaries regarding the collection of personal information from users on the willingness of the Chinese youth demographic to disclose their personal information, and there is a partial mediation effect of this effect. On the one hand, merchants' personal information collection boundaries on users will directly affect Chinese youth groups' willingness to disclose personal information; on the other hand, the limitations imposed by merchants on the collection of users' personal information can influence the perceived trust levels within the Chinese youth demographic. This, in turn, affects the willingness of these youth groups to share their personal information. Drawing from the study's outcomes, this paper drew some insights into online information collection by businesses and propose directions for further research in the future.

The purpose of this study was to determine the factors affecting awareness of phishing among Generation Y in Malaysia. Specifically, this study identified three factors that may influence awareness of phishing by applying the Theory of Technology Threat Avoidance. The factors are social engineering, anti-phishing knowledge, and security concern. Data was collected through a questionnaire survey. This study found that all the factors significantly influenced awareness of phishing among Generation Y in Malaysia. The findings of this study provide a further understanding of the factors that affect awareness of phishing. This study would benefit the public, especially Generation Y, the government, and all types of businesses, including financial institutions, by raising awareness of phishing and reducing phishing attacks. Keywords: phishing, Generation Y, social engineering, anti-phishing knowledge, security concern

Just what the doctor ordered: The role of information sensitivity and trust in reducing medical information privacy concern

Currently, social media is ubiquitous and essential for social networking and content sharing. It is an effective platform for teaching and learning in higher education and provides a novel way to communicate between instructors and pupils. Thus, the purpose of this study was to present a research framework to examine students’ motivation to adopt an e-learning system with social medial platforms. This cross-sectional study used the questionnaire to collect data from the students in Taiwan. A framework has examined students’ motivation to adopt an e-learning system with social medial platforms based on the modified technology acceptance model (TAM) and technology threat avoidance theory (TTAT). The research framework was evaluated by structural equation modeling (SEM) and represented by Smart-PLS. A total of 262 valid responses were used for statistical analysis. The results recommended modified research model explains 77.0% of the variance of motivation to adopt (R2 = 0.77). The findings also supported perceived usefulness, perceived ease of use, perceived cost, perceived effectiveness, and self-efficacy significantly influenced students’ motivation to use. Results also indicated threat appraisal, perceived susceptibility, and perceived severity are not significant factors for predicting students’ motivation to adopt e-learning in higher education.

Social media platforms have become vast and powerful tools for connecting, communicating, sharing content, conducting business, and disseminating news and information. The history and evolution of social media illustrates not only the digital society’s ever-growing dependence on social media, but also the downside to this reliance, namely the challenges of protecting a social media user’s privacy and personal information. As technological advancement such as artificial intelligence (AI) grow and impacts on the way data, not only personal but also product and service data, is collected, the spotlight is increasingly focusing on the difficulties in privacy and data protection in an AI-era. The discussion focusses on the misconduct by social media companies in respect of privacy and personal information and the lessons learnt from the way in which social media companies have dealt with social media users’ information. Since self-regulation by a social media company does not provide adequate safeguards that privacy and personal information will be protected, limitations to the collection, use, access, and storage of personal information must be imposed by means of legislation. To ensure compliance, non-compliance must be linked to a penalty and enforced by a government. Privacy and data protection regulations were formulated in a pre-AI era, and at that stage, the implications of the rapid evolution of AI on privacy and data protection were not foreseen. To ensure digital trust in an AI era, the legal consequences of misconduct of social media companies must be explored. Social media users must have control of their own data and social media companies must be clear about the kind of data a company will collect on its users, and for what purposes. The lessons learnt from past misconduct is also indicative of whether personal data protection legislation is flexible enough to provide for AI or whether specific legislation must be implemented as society enters the AI era. As the Fourth Industrial Revolution takes shape and AI gains prominence, the data legal landscape is evolving with compliance and enforcement being key to protecting privacy and data, addressing legal uncertainty, and ensuring trust.

Privacy is a major concern for governments, corporate organizations and individuals and emergence of digitized methods for the storage of information has pushed man-kind into the 21st Century and also has brought about the need for data privacy and confidentiality. Cyber crime began to take off in early 2000’s when social media came to life and usage of internet resources allows for a user to disclose information in certain contexts, while the information remains protected and it’s uses remains limited by an obligation to maintain confidentiality. Re-searchers and other controllers and processors of person-al data have to protect the personal information from un-authorized access as the date of birth collected as part of personal information can pose a great risk to the privacy rights of a user and increase the rate of Identity theft. This research is based on collection of personal informa-tion from 300 users (age 22-60), using numerological ap-proach. The information collected from every user was analyzed by reducing the date of birth of each user to a numerical value which in turn gives a life path number and the life path number revealed who the user is, their deepest values and some of their life challenges. From the analysis of the data, 258 users confirmed that the result was very accurate,23 users said it’s somewhat accurate, 12 users are not sure(50/50), 3 user said its inaccurate and there are 4 void result. The results of the analysis carried out on the user data provides proof that the provision of a users birth information posses a great threat to the privacy and safety of a user and also instrumental in cyber crime and social engineering process.

Gendering the commodity audience in social media

Examining the effect of regulatory factors on avoiding online blackmail threats on social media: A structural equation modeling approach

Human rights and freedoms, guarantees of their observance and protection should be the basis of the activities of any democratic country in the world. The issue of information security becomes particularly relevant in modern conditions, because medical institutions collect and store personal data of persons who contact them, the results of laboratory and instrumental research, diagnoses, medical histories, etc. Endless reforms, changes in legislation, introduction of an electronic system in the field of health care cause a lot of discussions about individual mechanisms of its functioning and ensuring the protection of personal data. The collection of personal data must be lawful, subject to strict requirements and for a legitimate purpose. In addition, persons or organizations engaged in the collection and processing of personal information must protect it from abuse and respect the rights of data owners guaranteed by law. The reform of legislation in the field of data protection should take place in parallel with the dynamic process of development of Internet technologies, including the creation of a formalized system of legislation in the field of privacy. In addition, considerable attention should be paid to the level of awareness of citizens about how their personal data may be collected and used. In particular, the request for consent to the processing of personal data must be clear; access to own data should be simplified and their mobility should be increased for easier transfer of data from one service to another; companies and organizations must report serious security breaches in a timely manner. And of course, ensuring the appropriate level of responsibility and reporting of all those involved in personal data processing. Health care is increasingly reliant on information technology. More and more hospitals and healthcare institutions are using information and communication technologies to support and improve their work. Digital technologies are widely used in the public health care sector, including electronic prescriptions, appointments with a family doctor, records of services rendered, hospitalization, hospital discharge, etc. In this context, a wide range of eHealth tools and services have emerged. Electronic medical records are created in such a way that it is possible to transfer patient data between different medical professionals. Although digital health technologies have so many important functions, their high dependence on sensitive patient health information can cause information security issues. At the same time, a significant part of personal health data is often collected without informing patients about it.

In an era dominated by digital connectivity, where people are more connected than ever, understanding how humans can securely interact is crucial. This paper delves into the intricate relationship between social engineering and social media, unraveling the multifaceted dimensions that underscore the human aspects of cybersecurity. As technological defenses evolve, adversaries increasingly exploit the vulnerabilities inherent in human behavior (Wang et al., 2020), making it imperative to dissect the interplay between social engineering tactics and the pervasive influence of social media platforms.The study begins by scrutinizing the psychological underpinnings that make individuals susceptible to social engineering attacks, emphasizing the intricate relationship between trust, curiosity, and social connectivity (Albladi & Weir, 2020). Through a comprehensive critical analysis of real-world examples people encounter in their day-to-day lives, the paper exposes the diverse strategies employed by malicious actors to manipulate human cognition and breach organizational defenses. This examination not only dissects the intricacies of phishing, pretexting, and impersonation but also sheds light on the role of emotional triggers and cognitive biases that amplify the effectiveness of these tactics (Wang, Zhu, & Sun, 2021).A significant portion of the paper is dedicated to understanding the role social media plays when it comes to social engineering. The pervasive nature of social media platforms provides a fertile ground for threat actors to extract personal information, exploit social connections, and craft tailored attacks. The paper navigates through the intricate web of privacy erosion, information oversharing, and the amplification of social influence, emphasizing how these factors contribute to the efficacy of social engineering endeavors (Albladi & Weir, 2020).Furthermore, the study explores the role of emerging technologies, such as artificial intelligence and machine learning, in launching social engineering attacks, posing new challenges to the human-centric cybersecurity aspects. To address the ever-changing terrain of social engineering, these emerging technologies advocate for a proactive and flexible strategy that combines technological defenses with a solid understanding of human behavior.In an era dominated by digital connectivity, where individuals are more interconnected than ever, this paper elucidates the critical relationship between social engineering, social media, and cybersecurity. By dissecting psychological vulnerabilities and real-world examples, it underscores the intricate tactics employed by adversaries to exploit human behavior. Emphasizing the role of trust, curiosity, and social connectivity, the study unveils the amplifying effect of emotional triggers and cognitive biases. Focusing on social media's pervasive influence, the paper highlights how platforms contribute to privacy erosion and information exploitation. Acknowledging the challenges posed by emerging technologies, it advocates for a dynamic cybersecurity strategy grounded in both technology and an acute understanding of human behavior. ReferencesAlbladi, S. M., & Weir, G. R. S. (2020). Predicting individuals’ vulnerability to social engineering in social networks. Cybersecurity, 3(1). https://doi.org/10.1186/s42400-020-00047-5Wang, Z., Sun, L., & Zhu, H. (2020). Defining Social Engineering in Cybersecurity. IEEE Access, 8, 85094–85115. https://doi.org/10.1109/access.2020.2992807Wang, Z., Zhu, H., & Sun, L. (2021). Social Engineering in Cybersecurity: Effect Mechanisms, Human Vulnerabilities and Attack Methods. IEEE Access, 9, 11895–11910. https://doi.org/10.1109/access.2021.3051633

Recommendations for Social Media Use in Hospitals and Health Care Facilities

The Social Media Contradiction: Data Mining and Digital Death

Introduction This study explores whether internet users' concerns for personal information privacy, principally manifested as online privacy, are related to their attitudes to government surveillance and national ID cards (often perceived as a surveillance tool). This is a relationship which needs to be explored in-depth because of three concurrent trends -- first, the push towards e-government, where citizen-government transactions are increasingly conducted online; second, the growing use of smart cards, RFID tags and other portable information collection and transmission devices by governments and businesses; and third, calls for greater government surveillance, both online and offline, to counter terrorism in the post 9/11 environment. While prior research has dealt with individual concerns about online privacy and individual concerns about government surveillance, studies exploring the relationship between the two are limited. This study seeks to fill that gap by surveying Internet users across five cities which vary in their experience of government surveillance and the use of national ID cards -- Bangalore, New York, Seoul, Singapore and Sydney. Personal information privacy is the individual's ability to personally control information about him/herself. Such information could include anything from one's birth registration details, to the identities and coordinates of one's next-of-kin, income and expenditure patterns and even health records. In countries where day-to-day transactions with commercial and government entities are increasingly being conducted online, involving the electronic collection of personal information, online privacy is the principal manifestation of personal information privacy. As e-commerce and e-government services become more pervasive, Internet users' concerns about online privacy are likely to grow. Individual online privacy concerns have been classified into improper acquisition, improper use and privacy invasion. 12 Concerns about improper acquisition relate to unauthorized access to personal information, improper collection of one's private information and improper monitoring of consumers' online activities. Concerns about improper use cover unauthorised analysis of consumers' online shopping behavior and the subsequent business-to-business transfer of such analyses. Concerns about privacy invasion refer to the transmission of information to Internet users without their prior consent, such as spam, as well as the improper storage of personal information. To maintain their online privacy, Internet users can engage in self-protective behaviour such as opting out, using privacy enhancing technologies, reading privacy policies, or checking trust marks. Studies have been conducted to test concern about online privacy as a function of demographic variables. Sheehan 10 found that gender was a significant factor in that female consumers were generally more concerned about their personal privacy than male consumers. In general, older consumers 2 were also more concerned about online privacy. The relationship between consumers' experience with the Internet and online privacy concerns has also been explored. Bellman et al. 2 reported that consumers' online privacy concerns diminished with Internet experience. As more consumers use the Internet and the average level of experience rises, online privacy concerns should gradually diminish. In general, studies have demonstrated that demographic variables and Internet-related experiences significantly affect Internet users' concern about online privacy.