The relevance of the study of social engineering is due to the ever-growing number of cyberattacks that use the human factor as the main penetration vector. Attackers, using various methods such as phishing, vishing, pretexting, and others, cause significant damage to organisations by stealing confidential data, undermining reputation, and disrupting the smooth operation of business processes. The growth of social engineering-related cyberattacks requires improving the legal framework and developing new cybersecurity standards. The article analyses modern methods of social engineering, their impact on information systems and organisations, and identifies the main areas of protection against these threats. Particular attention is paid to the role of the human factor in cybersecurity and the need for an integrated approach that combines technical, organisational and educational measures. Particular attention is paid to the challenges associated with the human factor in cybersecurity systems, as well as the importance of an integrated approach to combating these threats. The author substantiates the need to integrate cybersecurity education and training programmes to reduce the risk of successful social engineering attacks. Prospects for further research are identified, in particular in the development of interactive training programmes to raise user awareness and the development of new algorithms for the automatic detection of social attack attempts
Read full abstract