Role of Attention and Design Cues for Influencing Cyber-Sextortion Using Social Engineering and Phishing Attacks

Abstract

Cyber sextortion attacks are security and privacy threats delivered to victims online, to distribute sexual material in order to force the victim to act against their will. This continues to be an under-addressed concern in society. This study investigated social engineering and phishing email design and influence techniques in susceptibility to cyber sextortion attacks. Using a quantitative methodology, a survey measured susceptibility to cyber sextortion with a focus on four different email design cues. One-way repeated measures ANOVA, post hoc comparison tests, Friedman nonparametric test, and Spearman correlation tests were conducted with results indicating that attention to email source and title/subject line significantly increased individuals’ susceptibility, while attention to grammar and spelling, and urgency cues, had lesser influence. As such, the influence of these message-related factors should be considered when implementing effective security controls to mitigate the risks and vulnerabilities to cyber sextortion attacks.