Abstract
Purpose: E-Government system emerged as a novel public service provision platform that enables governance in an efficient and transparent manner globally. However, despite the success recorded so far by the increase in the use of information and communication technology (ICT) and E-government for public service provision. Social engineering attack (SEA) is one of the challenging information security attacks that prove to be difficult to tackle. This is because the attackers leverage on peoples’ weakness to exploit the system instead of technical vulnerabilities. Design/Methodology/Approach: This paper uses PESTLE (political, economic, social, technology, legal and environment) analysis to critically evaluate the external factors affecting SEAs in E-government system. Findings/Result: The study identified phishing, Baiting, Pretexting, Quid Pro Quo, Honey Trap, Tail Gating, and Pharming as the major SEA techniques used to exploit E-government systems. Furthermore, the author suggest training and awareness programme as the most effective way to detect as well as prevent SEA in E-government system. Users should be aware of the languages with terms requesting urgent response as well as unusual or unexpected situation in a suspicious messages or attachment as factors to detect SEA. Technical controls using natural language processes (NLP), security policies, multifactor authentication (MFA) as well as secured preservation of confidential information from suspicious users are some of the SEA preventive measures. Originality/Value: A flexible and efficient interaction among citizens, businesses and government organizations is a critical factor for successful E-Government system. SEA is one of major challenges affecting communications in E-government system that requires attention. In conclusion, studies toward technological approach for solution of SEA in E-government is recommended. Paper Type: Conceptual Research.
Highlights
Social engineering in the information security perspective refers to a collection of fraudulent activities on the network with the aim of getting confidential information from people
5.1 Social Engineering Attacks in E-Government System Despite the huge investment made in E-government system worldwide, the expected success of this novel innovation is not yet fully realised due to security challenges
Despite the success of security technologies designed to support secured communication as well as detect breaches in E-government systems, Social engineering attack (SEA) exploits the “weakest link” vulnerability of people leading to improper protection of personal and confidential information in the systems
Summary
Social engineering in the information security perspective refers to a collection of fraudulent activities on the network with the aim of getting confidential information from people. It is high time governments and organizations invest on ways of detecting as well as preventing social engineering attacks. An extension of the STRAYSHEEP by [25] conducted an experiment that creeps sequences of malicious web pages that detects and gathered potential SEAs generally as well as identified tricks used by attackers.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
